CVE-2020-14012

Published June 10th, 2020

View on NVD ↗

CVSS v3

5.4

MEDIUM

CVSS v2

3.5

LOW

Affected

1

PROJECT

Description

scp/categories.php in osTicket 1.14.2 allows XSS via a Knowledgebase Category Name or Category Description. The attacker must be an Agent.

osTicket/osTicket

The osTicket open source ticketing system official project repository, for versions 1.8 and later

GitHub

3.81K