VYPR
Vendor

Issuetrak

Products
1
CVEs
3
Across products
3
Status
Private

Products

1

Recent CVEs

3
  • CVE-2025-2271HigMar 13, 2025
    risk 0.50cvss 7.7epss 0.00

    A vulnerability exists in Issuetrak v17.2.2 and prior that allows a low-privileged user to access audit results of other users by exploiting an Insecure Direct Object Reference (IDOR) vulnerability in the Issuetrak audit component. The vulnerability enables unauthorized access…

  • CVE-2024-12123MedDec 4, 2024
    risk 0.34cvss epss 0.00

    A hidden field manipulation vulnerability was identified in Issuetrak version 17.1 that could be triggered by an authenticated user.  When an authenticated user submits a ticket, the request can be intercepted and subsequently modified by using a proxy.  The ticket requester…

  • CVE-2024-11479MedDec 4, 2024
    risk 0.33cvss epss 0.00

    A HTML Injection vulnerability was identified in Issuetrak version 17.1 that could be triggered by an authenticated user. HTML markup could be added to comments of tickets, which when submitted will render in the emails sent to all users on that ticket.