Description
Cross-site scripting (XSS) vulnerability in upload/scp/tickets.php in osTicket before 1.9.5 allows remote attackers to inject arbitrary web script or HTML via the status parameter in a search action.
Remediation
References
Related Vulnerabilities
Envoy Proxy CVE-2024-7207 Vulnerability (CVE-2024-7207)
WordPress Plugin Users Ultra Membership Multiple Vulnerabilities (1.5.62)
WordPress Plugin Help Desk & Knowledgebase Software PHP Object Injection (1.3.11)
Jenkins Permissions, Privileges, and Access Controls Vulnerability (CVE-2015-5324)
WordPress Plugin YITH WooCommerce Recover Abandoned Cart Security Bypass (1.3.2)