Osticket: >> Osticket >> 1.12.2 Security Vulnerabilities
osTicket prior to v1.17.6 and v1.18.2 are vulnerable to Broken Access Control Vulnerability in /scp/ajax.php.
CVSS Score
5.4
EPSS Score
0.0
Published
2025-06-02
A SQL injection vulnerability in the "Search" functionality of "tickets.php" page in osTicket <=1.17.5 allows authenticated attackers to execute arbitrary SQL commands via the "keywords" and "topic_id" URL parameters combination.
CVSS Score
6.5
EPSS Score
0.0
Published
2025-05-05
A stored cross-site scripting (XSS) vulnerability in the component audit/class.audit.php of osTicket-plugins - Storage-FS before commit a7842d494889fd5533d13deb3c6a7789768795ae allows attackers to execute arbitrary web scripts or HTML via a crafted SVG file.
CVSS Score
5.4
EPSS Score
0.006
Published
2022-07-13
SSRF exists in osTicket before 1.14.3, where an attacker can add malicious file to server or perform port scanning.
CVSS Score
9.8
EPSS Score
0.906
Published
2020-11-02
osTicket before 1.14.3 allows XSS via a crafted filename to DraftAjaxAPI::_uploadInlineImage() in include/ajax.draft.php.
CVSS Score
6.1
EPSS Score
0.003
Published
2020-08-30
osTicket before 1.14.3 allows XSS because include/staff/banrule.inc.php has an unvalidated echo $info['notes'] call.
CVSS Score
5.4
EPSS Score
0.002
Published
2020-08-26
PHP remote file inclusion vulnerability in open_form.php in osTicket allows remote attackers to execute arbitrary PHP code via a URL in the include_dir parameter.
CVSS Score
7.5
EPSS Score
0.007
Published
2006-10-19
Directory traversal vulnerability in attachments.php in osTicket allows remote attackers to read arbitrary files via .. sequences in the file parameter.
CVSS Score
7.5
EPSS Score
0.005
Published
2005-05-03