XSS in Smartertools Smartertrack

CVE-2009-4995

Cross-site scripting (XSS) vulnerability in frmTickets.aspx in SmarterTools SmarterTrack before 4.0.3504 allows remote attackers to inject arbitrary web script or HTML via the email address field. NOTE: the provenance of this information…

Vulnerability class: XSS (Cross-Site Scripting)

EPSS: 0.009 (53.7th percentile) — read the EPSS interpretation.

Affected products

Weakness classification (CWE)

References

  • cve@mitre.org (x_refsource_SECUNIA, Vendor Advisory, third-party-advisory)