Description
Cross-site scripting (XSS) vulnerability in /ajax.php/form/help-topic in Enhancesoft osTicket before 1.10.2 allows remote attackers to inject arbitrary web script or HTML via the "message" parameter.
Remediation
References
Related Vulnerabilities
Moodle Permissions, Privileges, and Access Controls Vulnerability (CVE-2015-5264)
Apache Tomcat Other Vulnerability (CVE-2003-0043)
MySQL CVE-2024-21165 Vulnerability (CVE-2024-21165)
Grafana Uncontrolled Resource Consumption Vulnerability (CVE-2026-33375)
WordPress Plugin Blaze Slideshow Arbitrary File Upload (2.7)