What you need to know today.
Critical SSRF in osTicket, RCE in Coturn, and WAF bypass in ModSecurity lead today's security brief.

A critical Server-Side Request Forgery (SSRF) vulnerability in osTicket before 1.14.3 allows attackers to add malicious files to the server or perform port scanning. This flaw, tracked as CVE-2020-24881, carries a CVSS score of 9.8, highlighting its severity. The vulnerability stems from improper handling of file uploads, enabling the injection of malicious content. Users are advised to update to osTicket 1.14.3 or later to mitigate this risk.
Multiple vulnerabilities have been disclosed in the Coturn TURN server software, with CVE-2026-53450 and CVE-2026-53448 posing significant risks. CVE-2026-53450, a local services exposure via IPv4-mapped IPv6 address bypass, and CVE-2026-53448, an arbitrary code execution flaw via SQL injection in the HTTPS admin panel, both carry high severity ratings. Additionally, CVE-2026-53449 allows for arbitrary file overwrite via CLI commands. These issues underscore the need for prompt patching and security hardening of Coturn deployments.
Several Cross-Site Scripting (XSS) vulnerabilities have been identified across various osTicket versions. CVE-2019-14750 and CVE-2019-11537, affecting versions before 1.10.7 and 1.12.1 respectively, allow for stored XSS in installation scripts and user import functionalities. Other XSS flaws, such as CVE-2020-24917 and CVE-2018-7196, stem from unvalidated input in file uploads and URL parameters, respectively. These vulnerabilities could allow attackers to inject malicious scripts into user sessions, potentially leading to session hijacking or other malicious activities.
ModSecurity, a web application firewall, is affected by two vulnerabilities that could allow attackers to bypass security rules. CVE-2026-52747 involves an incorrect handling of line breaks in form data, while CVE-2026-52761 is due to improper UTF-8 to Unicode transformation. As reported by Cyber Security News, these flaws could enable attackers to circumvent WAF protections, potentially leading to successful exploitation of other underlying web application vulnerabilities. Users should ensure their ModSecurity installations are updated to the latest versions.
A critical Server-Side Request Forgery (SSRF) vulnerability in osTicket before 1.14.3 allows attackers to add malicious files to the server or perform port scanning. This flaw, tracked as CVE-2020-24881, carries a CVSS score of 9.8, highlighting its severity. The vulnerability stems from improper handling of file uploads, enabling the injection of malicious content. Users are advised to update to osTicket 1.14.3 or later to mitigate this risk.
Multiple vulnerabilities have been disclosed in the Coturn TURN server software, with CVE-2026-53450 and CVE-2026-53448 posing significant risks. CVE-2026-53450, a local services exposure via IPv4-mapped IPv6 address bypass, and CVE-2026-53448, an arbitrary code execution flaw via SQL injection in the HTTPS admin panel, both carry high severity ratings. Additionally, CVE-2026-53449 allows for arbitrary file overwrite via CLI commands. These issues underscore the need for prompt patching and security hardening of Coturn deployments.
Several Cross-Site Scripting (XSS) vulnerabilities have been identified across various osTicket versions. CVE-2019-14750 and CVE-2019-11537, affecting versions before 1.10.7 and 1.12.1 respectively, allow for stored XSS in installation scripts and user import functionalities. Other XSS flaws, such as CVE-2020-24917 and CVE-2018-7196, stem from unvalidated input in file uploads and URL parameters, respectively. These vulnerabilities could allow attackers to inject malicious scripts into user sessions, potentially leading to session hijacking or other malicious activities.
ModSecurity, a web application firewall, is affected by two vulnerabilities that could allow attackers to bypass security rules. CVE-2026-52747 involves an incorrect handling of line breaks in form data, while CVE-2026-52761 is due to improper UTF-8 to Unicode transformation. As reported by Cyber Security News, these flaws could enable attackers to circumvent WAF protections, potentially leading to successful exploitation of other underlying web application vulnerabilities. Users should ensure their ModSecurity installations are updated to the latest versions.