JediKev

11 exploits Active since Aug 2020

CVE-2020-22608 WRITEUP MEDIUM WRITEUP

Enhancesoft osTicket <1.12.6 - XSS

Cross Site Scripting vulnerability in Enhancesoft osTicket before v1.12.6 via the queue-name parameter to include/ajax.search.php.

CVSS 6.1

View Code

CVE-2020-22609 WRITEUP MEDIUM WRITEUP

Enhancesoft osTicket <1.12.6 - XSS

Cross Site Scripting (XSS) vulnerability in Enhancesoft osTicket before v1.12.6 via the queue-name parameter in include/class.queue.php.

CVSS 6.1

View Code

CVE-2020-24917 WRITEUP MEDIUM WRITEUP

Osticket < 1.14.3 - XSS

osTicket before 1.14.3 allows XSS via a crafted filename to DraftAjaxAPI::_uploadInlineImage() in include/ajax.draft.php.

CVSS 6.1

View Code

CVE-2022-4271 WRITEUP MEDIUM WRITEUP

Enhancesoft Osticket < 1.16.4 - XSS

Cross-site Scripting (XSS) - Reflected in GitHub repository osticket/osticket prior to 1.16.4.

CVSS 5.4

View Code

CVE-2023-1315 WRITEUP MEDIUM WRITEUP

Enhancesoft Osticket < 1.16.6 - XSS

Cross-site Scripting (XSS) - Reflected in GitHub repository osticket/osticket prior to v1.16.6.

CVSS 5.4

View Code

CVE-2023-1316 WRITEUP MEDIUM WRITEUP

Enhancesoft Osticket < 1.16.6 - XSS

Cross-site Scripting (XSS) - Stored in GitHub repository osticket/osticket prior to v1.16.6.

CVSS 5.4

View Code

CVE-2023-1317 WRITEUP MEDIUM WRITEUP

Enhancesoft Osticket < 1.16.6 - XSS

Cross-site Scripting (XSS) - Reflected in GitHub repository osticket/osticket prior to v1.16.6.

CVSS 5.4

View Code

CVE-2023-1318 WRITEUP MEDIUM WRITEUP

Enhancesoft Osticket < 1.16.6 - XSS

Cross-site Scripting (XSS) - Generic in GitHub repository osticket/osticket prior to v1.16.6.

CVSS 5.4

View Code

CVE-2023-1319 WRITEUP MEDIUM WRITEUP

Enhancesoft Osticket < 1.16.6 - XSS

Cross-site Scripting (XSS) - Stored in GitHub repository osticket/osticket prior to v1.16.6.

CVSS 4.8

View Code

CVE-2023-1320 WRITEUP MEDIUM WRITEUP

Enhancesoft Osticket < 1.16.6 - XSS

Cross-site Scripting (XSS) - Stored in GitHub repository osticket/osticket prior to v1.16.6.

CVSS 6.1

View Code

CVE-2025-45387 WRITEUP MEDIUM WRITEUP

Osticket < 1.17.6 - XSS

osTicket prior to v1.17.6 and v1.18.2 are vulnerable to Broken Access Control Vulnerability in /scp/ajax.php.

CVSS 5.4

View Code