Lucene search
MitreCVELIST:CVE-2019-14750HistoryAug 07, 2019 - 4:38 p.m.
CVE-2019-14750
2019-08-0716:38:35
mitre
www.cve.org
2
An issue was discovered in osTicket before 1.10.7 and 1.12.x before 1.12.1. Stored XSS exists in setup/install.php. It was observed that no input sanitization was provided in the firstname and lastname fields of the application. The insertion of malicious queries in those fields leads to the execution of those queries. This can further lead to cookie stealing or other malicious actions.
Related
packetstorm
packetstorm
osTicket 1.12 Cross Site Scripting
2019-08-11 00:00:00
zdt
zdt
osTicket 1.12 - Persistent Cross-Site Scripting Vulnerability
2019-08-13 00:00:00
osv
osv
CVE-2019-14750
2019-08-07 17:15:12
nuclei
nuclei
osTicket < 1.12.1 - Cross-Site Scripting
2022-08-31 13:49:49
cve
cve
CVE-2019-14750
2019-08-07 17:15:12
prion
prion
Cross site scripting
2019-08-07 17:15:00
exploitpack
exploitpack
osTicket 1.12 - Persistent Cross-Site Scripting
2019-08-12 00:00:00
nvd
nvd
CVE-2019-14750
2019-08-07 17:15:12
exploitdb
exploitdb
osTicket 1.12 - Persistent Cross-Site Scripting
2019-08-12 00:00:00
openvas
openvas
osTicket < 1.10.7, 1.12.x < 1.12.1 Multiple Vulnerabilities
2019-08-09 00:00:00