Vulnerabilities > Osticket > Osticket STS > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2006-12-26 | CVE-2006-6733 | Cross-Site Scripting vulnerability in Osticket STS 1.2.7/1.3Beta Cross-site scripting (XSS) vulnerability in support/view.php in Support Cards 1 (osTicket) allows remote attackers to inject arbitrary web script or HTML via the e parameter. | 4.3 |
| 2004-12-06 | CVE-2004-0614 | Remote Security vulnerability in osTicket STS osTicket trusts a hidden form field in the submit form to limit the upload size of a document, which could allow remote attackers to upload a file of any size. | 6.4 |