PT-2026-8319 · Unknown · Ligerosmart

Igobysamy

+1

·

Publicado

2026-02-16

·

Atualizado

2026-02-16

·

CVE-2026-2545

CVSS v3.1

6.1

Média

VetorAV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
Name of the Vulnerable Software and Affected Versions LigeroSmart versions up to 6.1.26
Description A flaw exists in LigeroSmart that allows for cross site scripting. The issue is related to the manipulation of the Profile argument within the /otrs/index.pl?Action=AgentTicketSearch API endpoint. The exploit has been publicly released and could be used for attacks. The project was notified of the issue but has not yet responded.
Recommendations Versions prior to 6.1.26 should be updated.

Exploit

Correção

XSS

Code Injection

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-79CWE-94

Identificadores relacionados

CVE-2026-2545

Produtos afetados

Ligerosmart