Andrei Manole

**Name of the Vulnerable Software and Affected Versions** SmarterTrack version 7922 **Description** The software contains an information disclosure issue in the Chat Management search form. This allows unauthorized access to agent identification details, specifically agents' first and last names and their unique identifiers. Attackers can exploit this by accessing the `/Management/Chat/frmChatSearch.aspx` endpoint. The vulnerable parameter is not explicitly mentioned. **Recommendations** Apply a fix to address the information disclosure in the Chat Management search form. Restrict access to the `/Management/Chat/frmChatSearch.aspx` endpoint.