Osticket@* Security Vulnerabilities and Issues — Osticket@* CVE List

Lucene search

EnhancesoftOsticket*

8 matches found

CVE•added 2023/09/08 2:15 a.m.•51 views

CVE-2021-45811

A SQL injection vulnerability in the "Search" functionality of "tickets.php" page in osTicket 1.15.x allows authenticated attackers to execute arbitrary SQL commands via the "keywords" and "topic_id" URL parameters combination.

6.5CVSS7AI score0.61668EPSS

CVE•added 2023/03/10 4:15 p.m.•50 views

CVE-2023-1317

Cross-site Scripting (XSS) - Reflected in GitHub repository osticket/osticket prior to v1.16.6.

5.4CVSS5.3AI score0.03622EPSS

CVE•added 2023/03/10 4:15 p.m.•49 views

CVE-2023-1319

Cross-site Scripting (XSS) - Stored in GitHub repository osticket/osticket prior to v1.16.6.

4.8CVSS4.9AI score0.00063EPSS

CVE•added 2023/03/10 4:15 p.m.•48 views

CVE-2023-1315

Cross-site Scripting (XSS) - Reflected in GitHub repository osticket/osticket prior to v1.16.6.

5.4CVSS5.3AI score0.31019EPSS

CVE•added 2023/04/05 10:15 p.m.•43 views

CVE-2022-31888

Session Fixation vulnerability in in function login in class.auth.php in osTicket through 1.16.2.

8.8CVSS8.6AI score0.0074EPSS

CVE•added 2023/03/10 4:15 p.m.•43 views

CVE-2023-1316

Cross-site Scripting (XSS) - Stored in GitHub repository osticket/osticket prior to v1.16.6.

5.4CVSS4.9AI score0.00076EPSS

CVE•added 2023/03/10 4:15 p.m.•41 views

CVE-2023-1318

Cross-site Scripting (XSS) - Generic in GitHub repository osticket/osticket prior to v1.16.6.

5.4CVSS5.3AI score0.07783EPSS

CVE•added 2023/03/10 4:15 p.m.•39 views

CVE-2023-1320

Cross-site Scripting (XSS) - Stored in GitHub repository osticket/osticket prior to v1.16.6.

7.1CVSS6.1AI score0.00399EPSS