VYPR
Medium severity4.3NVD Advisory· Published May 9, 2026· Updated May 11, 2026

CVE-2026-8194

CVE-2026-8194

Description

A security vulnerability has been detected in osTicket up to 1.18.3. Impacted is an unknown function of the file include/class.dispatcher.php of the component Dispatcher. The manipulation of the argument _method leads to cross-site request forgery. Remote exploitation of the attack is possible. The exploit has been disclosed publicly and may be used. The project was informed of the problem early through a pull request but has not reacted yet.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

2
  • Osticket/Osticketreferences2 versions
    (expand)+ 1 more
    • (no CPE)
    • (no CPE)range: <=1.18.3

Patches

Vulnerability mechanics

References

5

News mentions

0

No linked articles in our index yet.