Description
Cross-site scripting (XSS) vulnerability in /scp/index.php in Enhancesoft osTicket before 1.10.2 allows remote attackers to inject arbitrary web script or HTML via the "sort" parameter.
Remediation
References
Related Vulnerabilities
WordPress 3.8.x Same Origin Method Execution (SOME) Vulnerability (3.8 - 3.8.13)
TYPO3 Improper Input Validation Vulnerability (CVE-2020-15099)
WordPress 5.4.x Multiple Vulnerabilities (5.4 - 5.4.1)
WordPress Plugin Track That Stat 'data' Parameter Cross-Site Scripting (1.0.8)
WordPress Plugin Pinterest 'Pin It' Button Cross-Site Scripting (2.0.8)