CNNVD-202601-2908 Information

CNNVD ID

CNNVD-202601-2908

Related CVE

CVE-2026-1048

• CNNVD Published: 2026-01-17

Description (Chinese)

LigeroSmart是LigeroSmart开源的一个管理平台。 LigeroSmart 6.1.26及之前版本存在代码注入漏洞，该漏洞源于对文件/otrs/index.pl?Action=AgentTicketZoom中参数TicketID的错误操作，可能导致跨站脚本攻击。

Description (English)

LigeroSmart is a management platform for the LigeroSmart open source. LigeroSmart 6.1.26 and previous versions contained code-injection holes, which resulted from the error of the parameter TicketID in file/otrs/index.pl?Action=AgentTicketZoom, which could result in a cross-site script attack.

Hazard Level

Critical

Vulnerability Type

代码注入

Affected Vendor

LigeroSmart

Published

2026-01-17

Last Modified

2026-02-24

References

https://github.com/LigeroSmart/ligerosmart/issues/279 https://vuldb.com/?ctiid.341600 https://vuldb.com/?submit.729399 https://github.com/LigeroSmart/ligerosmart/issues/279#issue-3775562926 https://vuldb.com/?id.341600 https://access.redhat.com/security/cve/cve-2026-1048