CVE-2023-27149
CVE-2023-27149 describes a stored XSS in Enhancesoft osTicket v1.17.2, exploitable via crafted payload in the Label input during a custom list update. Affected component: Label field handling in osTicket’s custom lists. Impact per sources: execution of arbitrary web scripts/HTML. Root cause: inpu...