Sysaid: >> Sysaid >> 22.2.20 Security Vulnerabilities
SysAid before 23.2.15 allows Indirect Object Reference (IDOR) attacks to read ticket data via a modified sid parameter to EmailHtmlSourceIframe.jsp or a modified srID parameter to ShowMessage.jsp.
CVSS Score
6.5
EPSS Score
0.001
Published
2023-11-24