2 matches found
CVE-2019-13397
Unauthenticated Stored XSS in osTicket 1.10.1 allows a remote attacker to gain admin privileges by injecting arbitrary web script or HTML via arbitrary file extension while creating a support ticket...
CVE-2019-13397
The CVE-2019-13397 issue affects osTicket 1.10.1 and is an Unauthenticated Stored XSS vulnerability that lets an attacker gain admin privileges by injecting script/HTML via an arbitrary file extension during ticket creation. The vulnerability is documented across multiple sources (NVD/Red Hat/OSV...