CVE-2022-32074 for osTicket | Support Ticketing System 1 Find the file listing directory, the root of the file download directoryм (file_uploads (this is an example)) 2 Load the following xssPayloadsvg and open it Example:
A stored cross-site scripting (XSS) vulnerability in the component audit/class.audit.php of osTicket-plugins - Storage-FS before commit a7842d494889fd5533d13deb3c6a7789768795ae allows malicious users to execute arbitrary web scripts or HTML via a crafted SVG file.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
osticket osticket |