{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-05-09T16:14:44.935","vulnerabilities":[{"cve":{"id":"CVE-2024-12123","sourceIdentifier":"b7efe717-a805-47cf-8e9a-921fca0ce0ce","published":"2024-12-04T04:15:04.430","lastModified":"2026-04-15T00:35:42.020","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"A hidden field manipulation vulnerability was identified in Issuetrak version 17.1 that could be triggered by an authenticated user. \n\nWhen an authenticated user submits a ticket, the request can be intercepted and subsequently modified by using a proxy.  The ticket requester can be changed from the original requester to another user in the same application, \nwhich the application then accepts."},{"lang":"es","value":"Se identificó una vulnerabilidad de manipulación de campos ocultos en la versión 17.1 de Issuetrak que podría ser activada por un usuario autenticado. Cuando un usuario autenticado envía un ticket, la solicitud puede ser interceptada y posteriormente modificada mediante un proxy. El solicitante del ticket puede cambiar de solicitante original a otro usuario en la misma aplicación, que luego la aplicación acepta."}],"metrics":{"cvssMetricV40":[{"source":"b7efe717-a805-47cf-8e9a-921fca0ce0ce","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X","baseScore":5.3,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","attackRequirements":"NONE","privilegesRequired":"LOW","userInteraction":"NONE","vulnConfidentialityImpact":"LOW","vulnIntegrityImpact":"LOW","vulnAvailabilityImpact":"NONE","subConfidentialityImpact":"NONE","subIntegrityImpact":"NONE","subAvailabilityImpact":"NONE","exploitMaturity":"NOT_DEFINED","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"NOT_DEFINED"}}]},"weaknesses":[{"source":"b7efe717-a805-47cf-8e9a-921fca0ce0ce","type":"Secondary","description":[{"lang":"en","value":"CWE-472"},{"lang":"en","value":"CWE-837"}]}],"references":[{"url":"https://helpcenter.issuetrak.com/home/2340-issuetrak-release-notes","source":"b7efe717-a805-47cf-8e9a-921fca0ce0ce"}]}}]}