The vulnerability of the setup/install.php component of the osTicket customer support system, which allows a perpetrator to carry out cross-site scripting attacks

The vulnerability of the osTicket customer support system is related to the lack of measures taken to protect the website structure. Exploiting this vulnerability allows a malicious actor to perform cross-site scripting attacks remotely...

Enhancesoft osTicket cross-site scripting vulnerability (CNVD-2020-16824)

Enhancesoft osTicket is a U.S. Enhancesoft's open source ticketing system. A cross-site scripting vulnerability exists in the setup/install.php file in Enhancesoft osTicket versions prior to 1.10.7 and 1.12.x versions prior to 1.12.1. The vulnerability stems from the lack of proper validation of...

Microsoft Internet Explorer Install Engine contains a buffer overflow vulnerability

Overview The Active Setup Install Engine in Microsoft Internet Explorer contains a buffer overflow vulnerability. This may allow an attacker to take complete control of a vulnerable system. Description The Active Setup Install Engine inseng.dll permits cabinet files to be launched and executed...