Lucene search

K
cvelistMitreCVELIST:CVE-2023-27148
HistoryOct 23, 2023 - 12:00 a.m.

CVE-2023-27148

2023-10-2300:00:00
mitre
www.cve.org
stored cross-site scripting
enhancesoft osticket
admin panel
arbitrary web scripts
html
crafted payload
role name parameter

0.0004 Low

EPSS

Percentile

14.0%

A stored cross-site scripting (XSS) vulnerability in the Admin panel in Enhancesoft osTicket v1.17.2 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Role Name parameter.

0.0004 Low

EPSS

Percentile

14.0%

Related for CVELIST:CVE-2023-27148