Entreprise française de cybersécurité depuis 2004
☎ 03 60 47 09 81 - info@securiteinfo.com

CVE-2022-31889

Description

Cross Site Scripting (XSS) vulnerability in audit/templates/auditlogs.tmpl.php in osTicket osTicket-plugins before commit a7842d494889fd5533d13deb3c6a7789768795ae.

POC

Reference

- https://checkmarx.com/blog/securing-open-source-solutions-a-study-of-osticket-vulnerabilities/

Github

- https://github.com/nomi-sec/PoC-in-GitHub

- https://github.com/reewardius/CVE-2022-31889