Lucene search
MitreCVELIST:CVE-2023-27148HistoryOct 23, 2023 - 12:00 a.m.
CVE-2023-27148
2023-10-2300:00:00
mitre
www.cve.org
stored cross-site scripting
enhancesoft osticket
admin panel
arbitrary web scripts
html
crafted payload
role name parameter
0.0004 Low
EPSS
Percentile
14.1%
A stored cross-site scripting (XSS) vulnerability in the Admin panel in Enhancesoft osTicket v1.17.2 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Role Name parameter.
Related
nvd
nvd
CVE-2023-27148
2023-10-23 20:15:08
prion
prion
Cross site scripting
2023-10-23 20:15:00
cve
cve
CVE-2023-27148
2023-10-23 20:15:08
osv
osv
CVE-2023-27148
2023-10-23 20:15:08