VYPR
Get started
← All advisories
Unrated severityNVD Advisory· Published May 27, 2012· Updated Apr 29, 2026

CVE-2012-2235

CVE-2012-2235

Description

Cross-site scripting (XSS) vulnerability in Support Incident Tracker (SiT!) 3.65 and earlier allows remote attackers to inject arbitrary web script or HTML via the id parameter to index.php, which is not properly handled in an error message.

Affected products

39
  • Sitracker/Support Incident Tracker39 versions
    cpe:2.3:a:sitracker:support_incident_tracker:3.03:*:*:*:*:*:*:*+ 38 more
    • cpe:2.3:a:sitracker:support_incident_tracker:3.03:*:*:*:*:*:*:*
    • cpe:2.3:a:sitracker:support_incident_tracker:3.03a:*:*:*:*:*:*:*
    • cpe:2.3:a:sitracker:support_incident_tracker:3.04a:*:*:*:*:*:*:*
    • cpe:2.3:a:sitracker:support_incident_tracker:3.05:*:*:*:*:*:*:*
    • cpe:2.3:a:sitracker:support_incident_tracker:3.6:*:*:*:*:*:*:*
    • cpe:2.3:a:sitracker:support_incident_tracker:3.06:*:*:*:*:*:*:*
    • cpe:2.3:a:sitracker:support_incident_tracker:3.07:*:*:*:*:*:*:*
    • cpe:2.3:a:sitracker:support_incident_tracker:3.45:*:*:*:*:*:*:*
    • cpe:2.3:a:sitracker:support_incident_tracker:3.45:beta1:*:*:*:*:*:*
    • cpe:2.3:a:sitracker:support_incident_tracker:3.50:*:*:*:*:*:*:*
    • cpe:2.3:a:sitracker:support_incident_tracker:3.50:beta1:*:*:*:*:*:*
    • cpe:2.3:a:sitracker:support_incident_tracker:3.51:*:*:*:*:*:*:*
    • cpe:2.3:a:sitracker:support_incident_tracker:3.60:*:*:*:*:*:*:*
    • cpe:2.3:a:sitracker:support_incident_tracker:3.61:*:*:*:*:*:*:*
    • cpe:2.3:a:sitracker:support_incident_tracker:3.62:*:*:*:*:*:*:*
    • cpe:2.3:a:sitracker:support_incident_tracker:3.63:*:*:*:*:*:*:*
    • cpe:2.3:a:sitracker:support_incident_tracker:3.63:beta1:*:*:*:*:*:*
    • cpe:2.3:a:sitracker:support_incident_tracker:3.64:*:*:*:*:*:*:*
    • cpe:2.3:a:sitracker:support_incident_tracker:4.8.00:*:*:*:*:*:*:*
    • cpe:2.3:a:sitracker:support_incident_tracker:7.8.00:*:*:*:*:*:*:*
    • cpe:2.3:a:sitracker:support_incident_tracker:*:*:*:*:*:*:*:*range: <=3.65
    • cpe:2.3:a:sitracker:support_incident_tracker:1.8.00:*:*:*:*:*:*:*
    • cpe:2.3:a:sitracker:support_incident_tracker:2.8.00:*:*:*:*:*:*:*
    • cpe:2.3:a:sitracker:support_incident_tracker:3.00:*:*:*:*:*:*:*
    • cpe:2.3:a:sitracker:support_incident_tracker:3.00:beta1:*:*:*:*:*:*
    • cpe:2.3:a:sitracker:support_incident_tracker:3.00:beta2:*:*:*:*:*:*
    • cpe:2.3:a:sitracker:support_incident_tracker:3.00:beta3:*:*:*:*:*:*
    • cpe:2.3:a:sitracker:support_incident_tracker:3.01:*:*:*:*:*:*:*
    • cpe:2.3:a:sitracker:support_incident_tracker:3.02:*:*:*:*:*:*:*
    • cpe:2.3:a:sitracker:support_incident_tracker:8.8.00:*:*:*:*:*:*:*
    • cpe:2.3:a:sitracker:support_incident_tracker:9.8.00:*:*:*:*:*:*:*
    • cpe:2.3:a:sitracker:support_incident_tracker:10.8.00:*:*:*:*:*:*:*
    • cpe:2.3:a:sitracker:support_incident_tracker:11.8.00:*:*:*:*:*:*:*
    • cpe:2.3:a:sitracker:support_incident_tracker:14.8.00:*:*:*:*:*:*:*
    • cpe:2.3:a:sitracker:support_incident_tracker:16.8.00:*:*:*:*:*:*:*
    • cpe:2.3:a:sitracker:support_incident_tracker:17.8.00:*:*:*:*:*:*:*
    • cpe:2.3:a:sitracker:support_incident_tracker:18.8.00:*:*:*:*:*:*:*
    • cpe:2.3:a:sitracker:support_incident_tracker:21.8.00:*:*:*:*:*:*:*
    • cpe:2.3:a:sitracker:support_incident_tracker:31.07.00:*:*:*:*:*:*:*

Patches

0

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

1

News mentions

0

No linked articles in our index yet.