CVE-2015-1176
23.01.2015, 15:59
Cross-site scripting (XSS) vulnerability in upload/scp/tickets.php in osTicket before 1.9.5 allows remote attackers to inject arbitrary web script or HTML via the status parameter in a search action.
Vendor | Product | Version |
---|---|---|
osticket | osticket | 𝑥 ≤ 1.9.4 |
𝑥
= Vulnerable software versions
References