CVE-2020-16193

Published August 26th, 2020

View on NVD ↗

CVSS v3

5.4

MEDIUM

CVSS v2

3.5

LOW

Affected

1

PROJECT

Description

osTicket before 1.14.3 allows XSS because include/staff/banrule.inc.php has an unvalidated echo $info['notes'] call.

osTicket/osTicket

The osTicket open source ticketing system official project repository, for versions 1.8 and later

GitHub

3.81K