CVE-2026-2547

Sažetak

A vulnerability was detected in LigeroSmart up to 6.1.26. The impacted element is the function AgentDashboard of the file /otrs/index.pl. Performing a manipulation of the argument Subaction results in cross site scripting. Remote exploitation of the attack is possible. The exploit is now public and may be used. The project was informed of the problem early through an issue report but has not responded yet.

Reference

https://github.com/LigeroSmart/ligerosmart/
https://github.com/LigeroSmart/ligerosmart/issues/284
https://github.com/LigeroSmart/ligerosmart/issues/284#issue-3879280231
https://vuldb.com/?ctiid.346156
https://vuldb.com/?id.346156
https://vuldb.com/?submit.749788

CVSS

Base:	4.0
Impact:	2.9
Exploitability:	8.0

Pristup

Vektor	Složenost	Autentikacija
NETWORK	LOW	SINGLE

Impact

Povjerljivost	Cjelovitost	Dostupnost
NONE	PARTIAL	NONE

CVSS vektor

AV:N/AC:L/Au:S/C:N/I:P/A:N

Zadnje važnije ažuriranje

16-02-2026 - 09:16

Objavljeno

16-02-2026 - 09:16