Vulnerabilities
Vulnerable Software
Enhancesoft:  Security Vulnerabilities
SQL Injection vulnerability in audit/class.audit.php in osTicket osTicket-plugins before commit a7842d494889fd5533d13deb3c6a7789768795ae via the order parameter to the getOrder function.
CVSS Score
9.8
EPSS Score
0.015
Published
2023-04-05
Cross-site Scripting (XSS) - Stored in GitHub repository osticket/osticket prior to v1.16.6.
CVSS Score
7.1
EPSS Score
0.006
Published
2023-03-10
Cross-site Scripting (XSS) - Reflected in GitHub repository osticket/osticket prior to v1.16.6.
CVSS Score
5.4
EPSS Score
0.011
Published
2023-03-10
Cross-site Scripting (XSS) - Stored in GitHub repository osticket/osticket prior to v1.16.6.
CVSS Score
4.5
EPSS Score
0.005
Published
2023-03-10
Cross-site Scripting (XSS) - Reflected in GitHub repository osticket/osticket prior to v1.16.6.
CVSS Score
5.4
EPSS Score
0.01
Published
2023-03-10
Cross-site Scripting (XSS) - Generic in GitHub repository osticket/osticket prior to v1.16.6.
CVSS Score
5.4
EPSS Score
0.01
Published
2023-03-10
Cross-site Scripting (XSS) - Stored in GitHub repository osticket/osticket prior to v1.16.6.
CVSS Score
4.8
EPSS Score
0.005
Published
2023-03-10
Cross-site Scripting (XSS) - Reflected in GitHub repository osticket/osticket prior to 1.16.4.
CVSS Score
8.0
EPSS Score
0.007
Published
2022-12-02
A stored cross-site scripting (XSS) vulnerability in the component audit/class.audit.php of osTicket-plugins - Storage-FS before commit a7842d494889fd5533d13deb3c6a7789768795ae allows attackers to execute arbitrary web scripts or HTML via a crafted SVG file.
CVSS Score
5.4
EPSS Score
0.014
Published
2022-07-13
SQL injection in osTicket before 1.14.8 and 1.15.4 login and password reset process allows attackers to access the osTicket administration profile functionality.
CVSS Score
9.8
EPSS Score
0.01
Published
2022-05-04


Contact Us

Shodan ® - All rights reserved