header-logo
Suggest Exploit
vendor:
osTicket
by:
Matthew Aberegg
7.5
CVSS
HIGH
Persistent Cross-Site Scripting
79
CWE
Product Name: osTicket
Affected Version From: osTicket 1.14.1
Affected Version To: osTicket 1.14.1
Patch Exists: YES
Related CWE:
CPE: a:osticket:osticket:1.14.1
Metasploit:
Other Scripts:
Platforms Tested: CentOS 7
2020

osTicket 1.14.1 – ‘Ticket Queue’ Persistent Cross-Site Scripting

A persistent cross-site scripting vulnerability exists within the 'Ticket Queue' functionality of osTicket.

Mitigation:

Upgrade to the latest version of osTicket and apply the provided patch.
Source

Exploit-DB raw data:

Navigation

Suggest Exploit

Services By CQR