Cross-site scripting (XSS) vulnerability in upload/scp/tickets.php in osTicket prior to 1.9.5 allows remote malicious users to inject arbitrary web script or HTML via the status parameter in a search action.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
osticket osticket |