Entreprise française de cybersécurité depuis 2004
☎ 03 60 47 09 81 - info@securiteinfo.com
☎ 03 60 47 09 81 - info@securiteinfo.com
SQL Injection vulnerability in audit/class.audit.php in osTicket osTicket-plugins before commit a7842d494889fd5533d13deb3c6a7789768795ae via the order parameter to the getOrder function.
- https://checkmarx.com/blog/securing-open-source-solutions-a-study-of-osticket-vulnerabilities/
- https://github.com/nomi-sec/PoC-in-GitHub
- https://github.com/reewardius/CVE-2022-31890