Lucene search
+L

75 matches found

Vulnrichment
Vulnrichment
added 2023/10/23 12:0 a.m.13 views

CVE-2023-27149

A stored cross-site scripting XSS vulnerability in Enhancesoft osTicket v1.17.2 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Label input parameter when updating a custom list...

5.5AI score0.00354EPSS
Exploits1References1
Cvelist
Cvelist
added 2023/10/23 12:0 a.m.41 views

CVE-2023-27148

A stored cross-site scripting XSS vulnerability in the Admin panel in Enhancesoft osTicket v1.17.2 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Role Name parameter...

5.1AI score0.00354EPSS
Exploits1References1
Cvelist
Cvelist
added 2023/10/23 12:0 a.m.44 views

CVE-2023-27149

A stored cross-site scripting XSS vulnerability in Enhancesoft osTicket v1.17.2 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Label input parameter when updating a custom list...

5.1AI score0.00354EPSS
Exploits1References1
Positive Technologies
Positive Technologies
added 2023/10/23 12:0 a.m.5 views

PT-2023-20974 · Enhancesoft · Osticket

Name of the Vulnerable Software and Affected Versions: Enhancesoft osTicket version 1.17.2 Description: A stored cross-site scripting XSS vulnerability allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Label input parameter when updating a custom...

4.8CVSS5AI score0.00354EPSS
Exploits1References7
CNNVD
CNNVD
added 2023/10/23 12:0 a.m.4 views

Enhancesoft osTicket Cross-Site Scripting Vulnerability

Enhancesoft osTicket is an open source ticketing system from Enhancesoft, USA. A security vulnerability exists in Enhancesoft osTicket v1.17.2. An attacker can exploit this vulnerability to execute arbitrary web script or HTML via a specially crafted payload injected into the Label input paramete...

4.8CVSS6.7AI score0.00354EPSS
Exploits1References2
OSV
OSV
added 2023/10/23 12:0 a.m.22 views

CVE-2023-27149

A stored cross-site scripting XSS vulnerability in Enhancesoft osTicket v1.17.2 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Label input parameter when updating a custom list...

4.8CVSS5.7AI score0.00354EPSS
Exploits1References3
CNNVD
CNNVD
added 2023/10/23 12:0 a.m.6 views

Enhancesoft osTicket Cross-Site Scripting Vulnerability

Enhancesoft osTicket is an open source ticketing system from Enhancesoft, USA. A security vulnerability exists in Enhancesoft osTicket v1.17.2. An attacker can exploit this vulnerability to execute arbitrary web script or HTML via a specially crafted payload injected into the Role Name parameter...

4.8CVSS6.7AI score0.00354EPSS
Exploits1References2
OSV
OSV
added 2023/10/23 12:0 a.m.26 views

CVE-2023-27148

A stored cross-site scripting XSS vulnerability in the Admin panel in Enhancesoft osTicket v1.17.2 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Role Name parameter...

4.8CVSS5.7AI score0.00354EPSS
Exploits1References3
CNNVD
CNNVD
added 2023/09/08 12:0 a.m.5 views

Enhancesoft osTicket SQL Injection Vulnerability

Enhancesoft osTicket is an open source ticketing system from Enhancesoft, Inc. A security vulnerability exists in Enhancesoft osTicket v1.15.6, which originates from an SQL injection vulnerability in the Search function of the tickets.php page, allowing an authenticated attacker to execute...

6.5CVSS8.4AI score0.02454EPSS
Exploits1References4
CNNVD
CNNVD
added 2023/06/14 12:0 a.m.6 views

Enhancesoft osTicket 安全漏洞

Enhancesoft osTicket is an open source ticketing system from Enhancesoft, Inc. in the United States. A security vulnerability exists in Enhancesoft osTicket that stems from a lengthy password that can lead to a denial of service in the system...

7.5CVSS7.3AI score0.00999EPSS
Exploits1References2
CNNVD
CNNVD
added 2023/04/05 12:0 a.m.4 views

Enhancesoft osTicket SQL注入漏洞

Enhancesoft osTicket is an open source ticketing system from Enhancesoft, USA. A security vulnerability exists in osTicket osTicket-plugins, which stems from the presence of a SQL injection vulnerability...

9.8CVSS8.6AI score0.01503EPSS
Exploits1References4
CNNVD
CNNVD
added 2023/03/10 12:0 a.m.4 views

Enhancesoft osTicket 跨站脚本漏洞

Enhancesoft osTicket is an open source ticketing system from Enhancesoft, Inc. in the United States. A cross-site scripting vulnerability exists in versions prior to Enhancesoft osTicket v1.16.6, which stems from the presence of a Reflected Cross-Site Scripting XSS vulnerability...

5.4CVSS5.3AI score0.01059EPSS
Exploits1References4
CNNVD
CNNVD
added 2023/03/10 12:0 a.m.3 views

Enhancesoft osTicket 跨站脚本漏洞

Enhancesoft osTicket is an open source ticketing system from Enhancesoft, Inc. in the United States. A cross-site scripting vulnerability exists in versions prior to Enhancesoft osTicket v1.16.6, which stems from the presence of a cross-site scripting XSS vulnerability...

5.4CVSS5.3AI score0.01015EPSS
Exploits1References3
CNNVD
CNNVD
added 2023/03/10 12:0 a.m.5 views

Enhancesoft osTicket 跨站脚本漏洞

Enhancesoft osTicket is an open source ticketing system from Enhancesoft, Inc. in the United States. A cross-site scripting vulnerability exists in Enhancesoft osTicket versions prior to 1.16.6, which stems from the presence of a stored cross-site scripting XSS vulnerability. The vulnerability ca...

5.4CVSS4.8AI score0.00514EPSS
Exploits1References3
CNNVD
CNNVD
added 2022/12/02 12:0 a.m.5 views

Enhancesoft osTicket 跨站脚本漏洞

Enhancesoft osTicket is an open source ticketing system from Enhancesoft, Inc. in the United States. A security vulnerability exists in Enhancesoft osTicket versions prior to 1.16.4. The vulnerability stems from setting an ordinary user's username as the XSS payload, and then placing the same XSS...

8CVSS6.7AI score0.00673EPSS
Exploits1References3
CNNVD
CNNVD
added 2022/07/13 12:0 a.m.7 views

Enhancesoft osTicket 跨站脚本漏洞

Enhancesoft osTicket is an open source ticketing system from Enhancesoft, Inc. in the United States. A security vulnerability exists in Enhancesoft osTicket, which stems from its component audit/class.audit.php that allows attackers to execute arbitrary web script or HTML via a crafted SVG file...

5.4CVSS6.2AI score0.01391EPSS
Exploits0References4
CNNVD
CNNVD
added 2022/05/04 12:0 a.m.9 views

Enhancesoft osTicket SQL注入漏洞

Enhancesoft osTicket is an open source ticketing system from Enhancesoft, Inc. in the United States. A security vulnerability exists in Enhancesoft osTicket that originates from an SQL injection during the login and password reset process. An attacker could exploit this vulnerability to gain acce...

9.8CVSS8.5AI score0.00967EPSS
Exploits0References2
OSV
OSV
added 2021/06/28 7:15 p.m.11 views

CVE-2020-22609

Cross Site Scripting XSS vulnerability in Enhancesoft osTicket before v1.12.6 via the queue-name parameter in include/class.queue.php...

6.1CVSS5.9AI score
Exploits0References1
NVD
NVD
added 2021/06/28 7:15 p.m.26 views

CVE-2020-22608

Cross Site Scripting vulnerability in Enhancesoft osTicket before v1.12.6 via the queue-name parameter to include/ajax.search.php...

6.1CVSS0.00672EPSS
Exploits0References1
NVD
NVD
added 2021/06/28 7:15 p.m.39 views

CVE-2020-22609

Cross Site Scripting XSS vulnerability in Enhancesoft osTicket before v1.12.6 via the queue-name parameter in include/class.queue.php...

6.1CVSS0.00686EPSS
Exploits0References1
Rows per page
Query Builder