Vulnerabilities > Osticket > Osticket > 1.10
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2017-09-12 | CVE-2017-14396 | SQL Injection vulnerability in Osticket 1.10 In osTicket before 1.10.1, SQL injection is possible by constructing an array via use of square brackets at the end of a parameter name, as demonstrated by the key parameter to file.php. | 7.5 |