Vulnerability Details CVE-2020-24917
osTicket before 1.14.3 allows XSS via a crafted filename to DraftAjaxAPI::_uploadInlineImage() in include/ajax.draft.php.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.003
EPSS Ranking 53.4%
CVSS Severity
CVSS v3 Score 6.1
CVSS v2 Score 4.3
References
- https://github.com/osTicket/osTicket/commit/518de223933eab0c5558741ce317f36958ef193d
- https://github.com/osTicket/osTicket/compare/v1.14.2...v1.14.3
- https://sisl.lab.uic.edu/projects/chess/osticket-xss/
- https://github.com/osTicket/osTicket/commit/518de223933eab0c5558741ce317f36958ef193d
- https://github.com/osTicket/osTicket/compare/v1.14.2...v1.14.3
- https://sisl.lab.uic.edu/projects/chess/osticket-xss/
Products affected by CVE-2020-24917
-
cpe:2.3:a:osticket:osticket:-
-
cpe:2.3:a:osticket:osticket:1.0
-
cpe:2.3:a:osticket:osticket:1.10.4
-
cpe:2.3:a:osticket:osticket:1.10.5
-
cpe:2.3:a:osticket:osticket:1.10.6
-
cpe:2.3:a:osticket:osticket:1.10.7
-
cpe:2.3:a:osticket:osticket:1.11
-
cpe:2.3:a:osticket:osticket:1.12
-
cpe:2.3:a:osticket:osticket:1.12.1
-
cpe:2.3:a:osticket:osticket:1.12.2
-
cpe:2.3:a:osticket:osticket:1.2.7
-
cpe:2.3:a:osticket:osticket:1.3.0
-
cpe:2.3:a:osticket:osticket:1.6
-
cpe:2.3:a:osticket:osticket:1.6.0
-
cpe:2.3:a:osticket:osticket:1.8.0
-
cpe:2.3:a:osticket:osticket:1.8.0.1
-
cpe:2.3:a:osticket:osticket:1.8.0.2
-
cpe:2.3:a:osticket:osticket:1.8.0.3
-
cpe:2.3:a:osticket:osticket:1.8.0.4
-
cpe:2.3:a:osticket:osticket:1.8.1
-
cpe:2.3:a:osticket:osticket:1.8.1.1
-
cpe:2.3:a:osticket:osticket:1.8.1.2
-
cpe:2.3:a:osticket:osticket:1.8.3
-
cpe:2.3:a:osticket:osticket:1.8.4
-
cpe:2.3:a:osticket:osticket:1.9.0
-
cpe:2.3:a:osticket:osticket:1.9.1
-
cpe:2.3:a:osticket:osticket:1.9.2
-
cpe:2.3:a:osticket:osticket:1.9.4
-
cpe:2.3:a:osticket:osticket:1.9.5