Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
osticket osticket vulnerabilities and exploits
(subscribe to this query)
5.4
CVSSv3
CVE-2023-1318
Cross-site Scripting (XSS) - Generic in GitHub repository osticket/osticket prior to v1.16.6.
Enhancesoft Osticket
4.8
CVSSv3
CVE-2023-1319
Cross-site Scripting (XSS) - Stored in GitHub repository osticket/osticket prior to v1.16.6.
Enhancesoft Osticket
6.1
CVSSv3
CVE-2023-1320
Cross-site Scripting (XSS) - Stored in GitHub repository osticket/osticket prior to v1.16.6.
Enhancesoft Osticket
5.4
CVSSv3
CVE-2020-12629
include/class.sla.php in osTicket prior to 1.14.2 allows XSS via the SLA Name.
Enhancesoft Osticket
1 Github repository
6.1
CVSSv3
CVE-2020-22608
Cross Site Scripting vulnerability in Enhancesoft osTicket before v1.12.6 via the queue-name parameter to include/ajax.search.php.
Enhancesoft Osticket
6.1
CVSSv3
CVE-2020-22609
Cross Site Scripting (XSS) vulnerability in Enhancesoft osTicket before v1.12.6 via the queue-name parameter in include/class.queue.php.
Enhancesoft Osticket
1 Github repository
7.5
CVSSv3
CVE-2023-30082
A denial of service attack might be launched against the server if an unusually lengthy password (more than 10000000 characters) is supplied using the osTicket application. This can cause the website to go down or stop responding. When a long password is entered, this procedure w...
Enhancesoft Osticket 1.17.2
4.8
CVSSv3
CVE-2023-27148
A stored cross-site scripting (XSS) vulnerability in the Admin panel in Enhancesoft osTicket v1.17.2 allows malicious users to execute arbitrary web scripts or HTML via a crafted payload injected into the Role Name parameter.
Enhancesoft Osticket 1.17.2
4.8
CVSSv3
CVE-2023-27149
A stored cross-site scripting (XSS) vulnerability in Enhancesoft osTicket v1.17.2 allows malicious users to execute arbitrary web scripts or HTML via a crafted payload injected into the Label input parameter when updating a custom list.
Enhancesoft Osticket 1.17.2
6.1
CVSSv3
CVE-2019-13397
Unauthenticated Stored XSS in osTicket 1.10.1 allows a remote malicious user to gain admin privileges by injecting arbitrary web script or HTML via arbitrary file extension while creating a support ticket.
Enhancesoft Osticket 1.10.1
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
camera
bypass
CVE-2024-3592
CVE-2024-37383
CVE-2024-24919
CVE-2024-27822
CVE-2024-36788
CVE-2024-36789
man-in-the-middle
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »