CVE-2026-1048 | LigeroSmart up to 6.1.26 index.pl?Action=AgentTicketZoom TicketID cross site scripting (Issue 279)

Inserito da Angelo Barbosa | Gen 16, 2026 | CVE

A vulnerability classified as problematic has been found in LigeroSmart up to 6.1.26. Impacted is an unknown function of the file /otrs/index.pl?Action=AgentTicketZoom. This manipulation of the argument TicketID causes cross site scripting.

The identification of this vulnerability is CVE-2026-1048. It is possible to initiate the attack remotely. Furthermore, there is an exploit available.

The project was informed of the problem early through an issue report but has not responded yet.

CVE-2026-1048 | LigeroSmart up to 6.1.26 index.pl?Action=AgentTicketZoom TicketID cross site scripting (Issue 279)

Post correlati

CVE-2024-20516 | Cisco Small Business RV Router up to 4.2.3.14 Web-based Management Interface heap-based overflow (cisco-sa-sb-rv04x_rv32x_vulns-yJ2OSDhV)

CVE-2021-33633 | openEuler aops-ceres up to 1.4.1 on Linux ceres/function/util.Py os command injection

CVE-2024-7015 | Profelis Informatics and Consulting PassBox up to 1.1 improper authentication

CVE-2024-30104 | Microsoft unknown vulnerability