Description
scp/categories.php in osTicket 1.14.2 allows XSS via a Knowledgebase Category Name or Category Description. The attacker must be an Agent.
Remediation
References
Related Vulnerabilities
WordPress Plugin Complianz-GDPR/CCPA Cookie Consent Cross-Site Scripting (5.5.2)
MySQL CVE-2022-21632 Vulnerability (CVE-2022-21632)
PostgreSQL Out-of-bounds Read Vulnerability (CVE-2019-10209)
Apache HTTP Server Other Vulnerability (CVE-2002-0654)
WordPress Plugin LinkedIn by BestWebSoft Cross-Site Scripting (1.0.4)