Vulnerabilities > Enhancesoft

DATE	CVE	VULNERABILITY TITLE	RISK
2023-10-23	CVE-2023-27148	Cross-site Scripting vulnerability in Enhancesoft Osticket 1.17.2 A stored cross-site scripting (XSS) vulnerability in the Admin panel in Enhancesoft osTicket v1.17.2 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Role Name parameter. network low complexity enhancesoft CWE-79	4.8
2023-10-23	CVE-2023-27149	Cross-site Scripting vulnerability in Enhancesoft Osticket 1.17.2 A stored cross-site scripting (XSS) vulnerability in Enhancesoft osTicket v1.17.2 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Label input parameter when updating a custom list. network low complexity enhancesoft CWE-79	4.8
2023-09-08	CVE-2021-45811	SQL Injection vulnerability in Enhancesoft Osticket A SQL injection vulnerability in the "Search" functionality of "tickets.php" page in osTicket 1.15.x allows authenticated attackers to execute arbitrary SQL commands via the "keywords" and "topic_id" URL parameters combination. network low complexity enhancesoft CWE-89	6.5
2023-06-14	CVE-2023-30082	Improper Validation of Specified Quantity in Input vulnerability in Enhancesoft Osticket 1.17.2 A denial of service attack might be launched against the server if an unusually lengthy password (more than 10000000 characters) is supplied using the osTicket application. network low complexity enhancesoft CWE-1284	7.5
2023-03-10	CVE-2023-1315	Cross-site Scripting vulnerability in Enhancesoft Osticket Cross-site Scripting (XSS) - Reflected in GitHub repository osticket/osticket prior to v1.16.6. network low complexity enhancesoft CWE-79	5.4
2023-03-10	CVE-2023-1316	Cross-site Scripting vulnerability in Enhancesoft Osticket Cross-site Scripting (XSS) - Stored in GitHub repository osticket/osticket prior to v1.16.6. network low complexity enhancesoft CWE-79	5.4
2023-03-10	CVE-2023-1317	Cross-site Scripting vulnerability in Enhancesoft Osticket Cross-site Scripting (XSS) - Reflected in GitHub repository osticket/osticket prior to v1.16.6. network low complexity enhancesoft CWE-79	5.4
2023-03-10	CVE-2023-1318	Cross-site Scripting vulnerability in Enhancesoft Osticket Cross-site Scripting (XSS) - Generic in GitHub repository osticket/osticket prior to v1.16.6. network low complexity enhancesoft CWE-79	5.4
2023-03-10	CVE-2023-1319	Cross-site Scripting vulnerability in Enhancesoft Osticket Cross-site Scripting (XSS) - Stored in GitHub repository osticket/osticket prior to v1.16.6. network low complexity enhancesoft CWE-79	4.8
2023-03-10	CVE-2023-1320	Cross-site Scripting vulnerability in Enhancesoft Osticket Cross-site Scripting (XSS) - Stored in GitHub repository osticket/osticket prior to v1.16.6. network low complexity enhancesoft CWE-79	6.1

Vulnerabilities > Enhancesoft {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Enhancesoft"}]}

Vulnerabilities > Enhancesoft