Enhancesoft: >> Osticket >> 1.14.2 Security Vulnerabilities
SQL injection in osTicket before 1.14.8 and 1.15.4 login and password reset process allows attackers to access the osTicket administration profile functionality.
CVSS Score
9.8
EPSS Score
0.003
Published
2022-05-04
scp/categories.php in osTicket 1.14.2 allows XSS via a Knowledgebase Category Name or Category Description. The attacker must be an Agent.
CVSS Score
5.4
EPSS Score
0.002
Published
2020-06-10
Page 2