1.8.1.1

DATE	CVE	VULNERABILITY TITLE	RISK
2020-05-04	CVE-2020-12629	Cross-site Scripting vulnerability in Enhancesoft Osticket include/class.sla.php in osTicket before 1.14.2 allows XSS via the SLA Name. network enhancesoft CWE-79	3.5
2014-07-09	CVE-2014-4744	Cross-Site Scripting vulnerability in multiple products Multiple cross-site scripting (XSS) vulnerabilities in osTicket before 1.9.2 allow remote attackers to inject arbitrary web script or HTML via the (1) Phone Number field to open.php or (2) Phone number field, (3) passwd1 field, (4) passwd2 field, or (5) do parameter to account.php. network enhancesoft osticket CWE-79	4.3