4 matches found
osTicket < 1.10.2 - Cross-Site Scripting
Cross-site scripting XSS vulnerability in /scp/index.php in Enhancesoft osTicket before 1.10.2 allows remote attackers to inject arbitrary web script or HTML via the "sort" parameter. id: CVE-2018-7196 info: name: osTicket 1.10.2 - Cross-Site Scripting author: ritikchaddha severity: medium...
CVE-2018-7196
Cross-site scripting XSS vulnerability in /scp/index.php in Enhancesoft osTicket before 1.10.2 allows remote attackers to inject arbitrary web script or HTML via the "sort" parameter...
CVE-2018-7196
Cross-site scripting XSS vulnerability in /scp/index.php in Enhancesoft osTicket before 1.10.2 allows remote attackers to inject arbitrary web script or HTML via the "sort" parameter...
CVE-2018-7196
Summary: CVE-2018-7196 is a cross-site scripting (XSS) vulnerability in osTicket before 1.10.2, exploitable via the sort parameter in /scp/index.php. Affected product/version: osTicket prior to 1.10.2. Root cause / vector: Malicious input to the sort parameter allows injection of arbitrary JavaSc...