Vulnerabilities > Enhancesoft > Osticket > 1.16

DATE CVE VULNERABILITY TITLE RISK
2023-04-05 CVE-2022-31888 Session Fixation vulnerability in Enhancesoft Osticket
Session Fixation vulnerability in in function login in class.auth.php in osTicket through 1.16.2.
network
low complexity
enhancesoft CWE-384
8.8
8.8
2023-03-10 CVE-2023-1315 Cross-site Scripting vulnerability in Enhancesoft Osticket
Cross-site Scripting (XSS) - Reflected in GitHub repository osticket/osticket prior to v1.16.6.
network
low complexity
enhancesoft CWE-79
5.4
5.4
2023-03-10 CVE-2023-1316 Unspecified vulnerability in Enhancesoft Osticket
Cross-site Scripting (XSS) - Stored in GitHub repository osticket/osticket prior to v1.16.6.
network
low complexity
enhancesoft
5.4
5.4
2023-03-10 CVE-2023-1317 Unspecified vulnerability in Enhancesoft Osticket
Cross-site Scripting (XSS) - Reflected in GitHub repository osticket/osticket prior to v1.16.6.
network
low complexity
enhancesoft
5.4
5.4
2023-03-10 CVE-2023-1318 Unspecified vulnerability in Enhancesoft Osticket
Cross-site Scripting (XSS) - Generic in GitHub repository osticket/osticket prior to v1.16.6.
network
low complexity
enhancesoft
5.4
5.4
2023-03-10 CVE-2023-1319 Unspecified vulnerability in Enhancesoft Osticket
Cross-site Scripting (XSS) - Stored in GitHub repository osticket/osticket prior to v1.16.6.
network
low complexity
enhancesoft
4.8
4.8
2023-03-10 CVE-2023-1320 Unspecified vulnerability in Enhancesoft Osticket
Cross-site Scripting (XSS) - Stored in GitHub repository osticket/osticket prior to v1.16.6.
network
low complexity
enhancesoft
6.1
6.1
2022-12-02 CVE-2022-4271 Cross-site Scripting vulnerability in Enhancesoft Osticket
Cross-site Scripting (XSS) - Reflected in GitHub repository osticket/osticket prior to 1.16.4.
network
low complexity
enhancesoft CWE-79
5.4
5.4