Summary
The target is running at least one instance of osTicket that enables a remote user to view attachments associated with any existing ticket. These attachments may contain sensitive information.
Solution
Upgrade to osTicket STS 1.2.7 or later.
Severity
Classification
-
CVE CVE-2004-0613 -
CVSS Base Score: 7.5
AV:N/AC:L/Au:N/C:P/I:P/A:P
Related Vulnerabilities