A SQL injection vulnerability in the "Search" functionality of "tickets.php" page in osTicket 1.15.x allows authenticated malicious users to execute arbitrary SQL commands via the "keywords" and "topic_id" URL parameters combination.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
enhancesoft osticket |