Vendor CVEs
Osticket
All CVEs
60 total · sorted by risk

| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2017-15580 | | Cri | 0.68 | 9.8 | 0.16 | | Oct 23, 2017 | osTicket 1.10.1 provides a functionality to upload 'html' files with associated formats. However, it does not properly validate the uploaded file's contents and thus accepts any type of file, such as with a tickets.php request that is modified with a .html extension changed to a… |
| CVE-2017-14396 | | Cri | 0.60 | 9.8 | 0.03 | | Sep 12, 2017 | In osTicket before 1.10.1, SQL injection is possible by constructing an array via use of square brackets at the end of a parameter name, as demonstrated by the key parameter to file.php. |
| CVE-2018-7195 | | Hig | 0.53 | 8.1 | 0.01 | | Mar 27, 2018 | Enhancesoft osTicket before 1.10.2 allows remote attackers to reset arbitrary passwords (when an associated e-mail address is known) by leveraging guest access and guessing a 6-digit number. |
| CVE-2018-7196 | | Med | 0.40 | 6.1 | 0.02 | | Mar 27, 2018 | Cross-site scripting (XSS) vulnerability in /scp/index.php in Enhancesoft osTicket before 1.10.2 allows remote attackers to inject arbitrary web script or HTML via the "sort" parameter. |
| CVE-2018-7193 | | Med | 0.40 | 6.1 | 0.02 | | Mar 27, 2018 | Cross-site scripting (XSS) vulnerability in /scp/directory.php in Enhancesoft osTicket before 1.10.2 allows remote attackers to inject arbitrary web script or HTML via the "order" parameter. |
| CVE-2018-7192 | | Med | 0.40 | 6.1 | 0.02 | | Mar 27, 2018 | Cross-site scripting (XSS) vulnerability in /ajax.php/form/help-topic in Enhancesoft osTicket before 1.10.2 allows remote attackers to inject arbitrary web script or HTML via the "message" parameter. |
| CVE-2017-15362 | | Med | 0.40 | 6.1 | 0.01 | | Oct 16, 2017 | osTicket 1.10.1 allows arbitrary client-side JavaScript code execution on victims who click a crafted support/scp/tickets.php?status= link, aka XSS. Session ID and data theft may follow as well as the possibility of bypassing CSRF protections, injection of iframes to establish… |
| CVE-2026-9507 | | Med | 0.33 | — | 0.00 | | Jun 16, 2026 | A session fixation vulnerability has been identified in osTicket v1.18.2. This security flaw allows an attacker to hijack a victim's account by keeping the initial session identifier (OSTSESSID) active after a successful login. The issue lies in the fact that the… |
| CVE-2018-7194 | | Med | 0.32 | 4.9 | 0.01 | | Mar 27, 2018 | Integer format vulnerability in the ticket number generator in Enhancesoft osTicket before 1.10.2 allows remote attackers to cause a denial-of-service (preventing the creation of new tickets) via a large number of digits in the ticket number format setting. |
| CVE-2026-26895 | | Med | 0.27 | 5.3 | 0.00 | | Apr 2, 2026 | User enumeration vulnerability in /pwreset.php in osTicket v1.18.2 allows remote attackers to enumerate valid usernames registered in the platform. |
| CVE-2026-8194 | | Med | 0.21 | 4.3 | 0.00 | | May 9, 2026 | A security vulnerability has been detected in osTicket up to 1.18.3. Impacted is an unknown function of the file include/class.dispatcher.php of the component Dispatcher. The manipulation of the argument _method leads to cross-site request forgery. Remote exploitation of the… |
| CVE-2026-22200 | | | 0.09 | — | 0.73 | | Jan 12, 2026 | Enhancesoft osTicket versions 1.18.x prior to 1.18.3 and 1.17.x prior to 1.17.7 contain an arbitrary file read vulnerability in the ticket PDF export functionality. A remote attacker can submit a ticket containing crafted rich-text HTML that includes PHP filter expressions which… |
| CVE-2020-24881 | | | 0.09 | — | 0.73 | | Nov 2, 2020 | SSRF exists in osTicket before 1.14.3, where an attacker can add malicious file to server or perform port scanning. |
| CVE-2021-45811 | | | 0.05 | — | 0.03 | | Sep 8, 2023 | A SQL injection vulnerability in the "Search" functionality of "tickets.php" page in osTicket 1.15.x allows authenticated attackers to execute arbitrary SQL commands via the "keywords" and "topic_id" URL parameters combination. |
| CVE-2019-14749 | | | 0.04 | — | 0.10 | | Aug 7, 2019 | An issue was discovered in osTicket before 1.10.7 and 1.12.x before 1.12.1. CSV (aka Formula) injection exists in the export spreadsheets functionality. These spreadsheets are generated dynamically from unvalidated or unfiltered user input in the Name and Internal Notes fields… |
| CVE-2019-14750 | | | 0.04 | — | 0.12 | | Aug 7, 2019 | An issue was discovered in osTicket before 1.10.7 and 1.12.x before 1.12.1. Stored XSS exists in setup/install.php. It was observed that no input sanitization was provided in the firstname and lastname fields of the application. The insertion of malicious queries in those fields… |
| CVE-2004-0613 | | | 0.04 | — | 0.10 | | Dec 6, 2004 | osTicket allows remote attackers to view sensitive uploaded files and possibly execute arbitrary code via an HTTP request that uploads a PHP file to the ticket attachments directory. |
| CVE-2019-14748 | | | 0.03 | — | 0.03 | | Aug 7, 2019 | An issue was discovered in osTicket before 1.10.7 and 1.12.x before 1.12.1. The Ticket creation form allows users to upload files along with queries. It was found that the file-upload functionality has fewer (or no) mitigations implemented for file content checks; also, the… |
| CVE-2019-11537 | | | 0.03 | — | 0.05 | | Apr 25, 2019 | In osTicket before 1.12, XSS exists via /upload/file.php, /upload/scp/users.php?do=import-users, and /upload/scp/ajax.php/users/import if an agent manager user uploads a crafted .csv file to the User Importer, because file contents can appear in an error message. The XSS can… |
| CVE-2010-0605 | | | 0.03 | — | 0.03 | | Feb 11, 2010 | SQL injection vulnerability in scp/ajax.php in osTicket before 1.6.0 Stable allows remote authenticated users, with "Staff" permissions, to execute arbitrary SQL commands via the input parameter. |
| CVE-2009-2361 | | | 0.03 | — | 0.05 | | Jul 8, 2009 | SQL injection vulnerability in include/class.staff.php in osTicket before 1.6 RC5 allows remote attackers to execute arbitrary SQL commands via the staff username parameter. |
| CVE-2006-6733 | | | 0.03 | — | 0.01 | | Dec 26, 2006 | Cross-site scripting (XSS) vulnerability in support/view.php in Support Cards 1 (osTicket) allows remote attackers to inject arbitrary web script or HTML via the e parameter. |
| CVE-2005-2154 | | | 0.03 | — | 0.02 | | Jul 6, 2005 | PHP local file inclusion vulnerability in (1) view.php and (2) open.php in osTicket 1.3.1 beta and earlier allows remote attackers to include and possibly execute arbitrary local files via the inc parameter. |
| CVE-2025-45387 | | | 0.00 | — | 0.00 | | Jun 2, 2025 | osTicket prior to v1.17.6 and v1.18.2 are vulnerable to Broken Access Control Vulnerability in /scp/ajax.php. |
| CVE-2025-26241 | | | 0.00 | — | 0.00 | | May 5, 2025 | A SQL injection vulnerability in the "Search" functionality of "tickets.php" page in osTicket <=1.17.5 allows authenticated attackers to execute arbitrary SQL commands via the "keywords" and "topic_id" URL parameters combination. |
| CVE-2023-46967 | | | 0.00 | — | 0.00 | | Feb 20, 2024 | Cross Site Scripting vulnerability in the sanitize function in Enhancesoft osTicket 1.18.0 allows a remote attacker to escalate privileges via a crafted support ticket. |
| CVE-2023-27149 | | | 0.00 | — | 0.00 | | Oct 23, 2023 | A stored cross-site scripting (XSS) vulnerability in Enhancesoft osTicket v1.17.2 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Label input parameter when updating a custom list. |
| CVE-2023-27148 | | | 0.00 | — | 0.00 | | Oct 23, 2023 | A stored cross-site scripting (XSS) vulnerability in the Admin panel in Enhancesoft osTicket v1.17.2 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Role Name parameter. |
| CVE-2023-30082 | | | 0.00 | — | 0.01 | | Jun 14, 2023 | A denial of service attack might be launched against the server if an unusually lengthy password (more than 10000000 characters) is supplied using the osTicket application. This can cause the website to go down or stop responding. When a long password is entered, this procedure… |
| CVE-2022-31890 | | | 0.00 | — | 0.01 | | Apr 5, 2023 | SQL Injection vulnerability in audit/class.audit.php in osTicket osTicket-plugins before commit a7842d494889fd5533d13deb3c6a7789768795ae via the order parameter to the getOrder function. |
| CVE-2022-31889 | | | 0.00 | — | 0.01 | | Apr 5, 2023 | Cross Site Scripting (XSS) vulnerability in audit/templates/auditlogs.tmpl.php in osTicket osTicket-plugins before commit a7842d494889fd5533d13deb3c6a7789768795ae. |
| CVE-2022-31888 | | | 0.00 | — | 0.01 | | Apr 5, 2023 | Session Fixation vulnerability in function login in class.auth.php in osTicket through 1.16.2. |
| CVE-2023-1316 | | | 0.00 | — | 0.01 | | Mar 10, 2023 | Cross-site Scripting (XSS) - Stored in GitHub repository osticket/osticket prior to v1.16.6. |
| CVE-2023-1315 | | | 0.00 | — | 0.01 | | Mar 10, 2023 | Cross-site Scripting (XSS) - Reflected in GitHub repository osticket/osticket prior to v1.16.6. |
| CVE-2023-1317 | | | 0.00 | — | 0.01 | | Mar 10, 2023 | Cross-site Scripting (XSS) - Reflected in GitHub repository osticket/osticket prior to v1.16.6. |
| CVE-2023-1318 | | | 0.00 | — | 0.01 | | Mar 10, 2023 | Cross-site Scripting (XSS) - Generic in GitHub repository osticket/osticket prior to v1.16.6. |
| CVE-2023-1319 | | | 0.00 | — | 0.00 | | Mar 10, 2023 | Cross-site Scripting (XSS) - Stored in GitHub repository osticket/osticket prior to v1.16.6. |
| CVE-2023-1320 | | | 0.00 | — | 0.01 | | Mar 10, 2023 | Cross-site Scripting (XSS) - Stored in GitHub repository osticket/osticket prior to v1.16.6. |
| CVE-2022-4271 | | | 0.00 | — | 0.01 | | Dec 2, 2022 | Cross-site Scripting (XSS) - Reflected in GitHub repository osticket/osticket prior to 1.16.4. |
| CVE-2022-32074 | | | 0.00 | — | 0.01 | | Jul 13, 2022 | A stored cross-site scripting (XSS) vulnerability in the component audit/class.audit.php of osTicket-plugins - Storage-FS before commit a7842d494889fd5533d13deb3c6a7789768795ae allows attackers to execute arbitrary web scripts or HTML via a crafted SVG file. |
| CVE-2021-42235 | | | 0.00 | — | 0.01 | | May 4, 2022 | SQL injection in osTicket before 1.14.8 and 1.15.4 login and password reset process allows attackers to access the osTicket administration profile functionality. |
| CVE-2020-22609 | | | 0.00 | — | 0.01 | | Jun 28, 2021 | Cross Site Scripting (XSS) vulnerability in Enhancesoft osTicket before v1.12.6 via the queue-name parameter in include/class.queue.php. |
| CVE-2020-22608 | | | 0.00 | — | 0.01 | | Jun 28, 2021 | Cross Site Scripting vulnerability in Enhancesoft osTicket before v1.12.6 via the queue-name parameter to include/ajax.search.php. |
| CVE-2020-24917 | | | 0.00 | — | 0.01 | | Aug 30, 2020 | osTicket before 1.14.3 allows XSS via a crafted filename to DraftAjaxAPI::_uploadInlineImage() in include/ajax.draft.php. |
| CVE-2020-16193 | | | 0.00 | — | 0.01 | | Aug 26, 2020 | osTicket before 1.14.3 allows XSS because include/staff/banrule.inc.php has an unvalidated echo $info['notes'] call. |
| CVE-2020-14012 | | | 0.00 | — | 0.01 | | Jun 10, 2020 | scp/categories.php in osTicket 1.14.2 allows XSS via a Knowledgebase Category Name or Category Description. The attacker must be an Agent. |
| CVE-2020-12629 | | | 0.00 | — | 0.01 | | May 4, 2020 | include/class.sla.php in osTicket before 1.14.2 allows XSS via the SLA Name. |
| CVE-2019-13397 | | | 0.00 | — | 0.01 | | Jul 9, 2019 | Unauthenticated Stored XSS in osTicket 1.10.1 allows a remote attacker to gain admin privileges by injecting arbitrary web script or HTML via arbitrary file extension while creating a support ticket. |
| CVE-2015-1347 | | | 0.00 | — | 0.01 | | Jan 23, 2015 | Cross-site scripting (XSS) vulnerability in client.inc.php in osTicket before 1.9.5.1 allows remote attackers to inject arbitrary web script or HTML via the lang parameter. |
| CVE-2015-1176 | | | 0.00 | — | 0.02 | | Jan 23, 2015 | Cross-site scripting (XSS) vulnerability in upload/scp/tickets.php in osTicket before 1.9.5 allows remote attackers to inject arbitrary web script or HTML via the status parameter in a search action. |
Page 1 of 2