Description
Cross-site scripting (XSS) vulnerability in client.inc.php in osTicket before 1.9.5.1 allows remote attackers to inject arbitrary web script or HTML via the lang parameter.
Remediation
References
Related Vulnerabilities
WordPress Plugin WP e-Commerce Predictive Search Cross-Site Scripting (1.1.1)
WordPress Plugin GB Gallery Slideshow SQL Injection (1.2)
Oracle Database Server CVE-2011-0848 Vulnerability (CVE-2011-0848)
Dolibarr Inadequate Encryption Strength Vulnerability (CVE-2017-7888)
WordPress Plugin Contact Form DB Cross-Site Request Forgery (2.8.31)