Vulnerabilities > Enhancesoft > High
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2023-06-14 | CVE-2023-30082 | Improper Validation of Specified Quantity in Input vulnerability in Enhancesoft Osticket 1.17.2 A denial of service attack might be launched against the server if an unusually lengthy password (more than 10000000 characters) is supplied using the osTicket application. | 7.5 |
2022-05-04 | CVE-2021-42235 | SQL Injection vulnerability in Enhancesoft Osticket SQL injection in osTicket before 1.14.8 and 1.15.4 login and password reset process allows attackers to access the osTicket administration profile functionality. | 7.5 |