CVE-2026-1049 | LigeroSmart up to 6.1.26 /otrs/index.pl TicketID cross site scripting (Issue 280)

Inserito da Angelo Barbosa | Gen 16, 2026 | CVE

A vulnerability classified as problematic was found in LigeroSmart up to 6.1.26. The affected element is an unknown function of the file /otrs/index.pl. Such manipulation of the argument TicketID leads to cross site scripting.

This vulnerability is referenced as CVE-2026-1049. It is possible to launch the attack remotely. Furthermore, an exploit is available.

The project was informed of the problem early through an issue report but has not responded yet.

CVE-2026-1049 | LigeroSmart up to 6.1.26 /otrs/index.pl TicketID cross site scripting (Issue 280)

Post correlati

CVE-2024-31095 | Ricard Torres Thumbs Rating Plugin up to 5.1.0 on WordPress authorization

CVE-2024-38277 | Moodle up to 4.1.10/4.2.7/4.3.4/4.4 QR Login Key a key past its expiration date

CVE-2024-27623 | CMS Made Simple 2.2.19 Template injection

CVE-2024-43762 | Google Android 12/12L/13/14/15 Local Privilege Escalation