osTicket/osTicket-plugins

osTicket/osTicket-plugins

Releases0

Stars155

Core plugins for osTicket (v1.8+)

Log in to subscribe

CVE History

CVE	Published	CVSS v3	CVSS v2
CVE-2022-31889 ↗	Apr 5, 2023Wednesday, 5 April 2023, 22:15	6.1 MEDIUM	—
Cross Site Scripting (XSS) vulnerability in audit/templates/auditlogs.tmpl.php in osTicket osTicket-plugins before commit a7842d494889fd5533d13deb3c6a7789768795ae.
CVE-2022-31890 ↗	Apr 5, 2023Wednesday, 5 April 2023, 22:15	9.8 CRITICAL	—
SQL Injection vulnerability in audit/class.audit.php in osTicket osTicket-plugins before commit a7842d494889fd5533d13deb3c6a7789768795ae via the order parameter to the getOrder function.
CVE-2022-32074 ↗	Jul 13, 2022Wednesday, 13 July 2022, 16:15	5.4 MEDIUM	—
A stored cross-site scripting (XSS) vulnerability in the component audit/class.audit.php of osTicket-plugins - Storage-FS before commit a7842d494889fd5533d13deb3c6a7789768795ae allows attackers to execute arbitrary web scripts or HTML via a crafted SVG file.