Description
Cross-site scripting (XSS) vulnerability in upload/scp/tickets.php in osTicket before 1.9.5 allows remote attackers to inject arbitrary web script or HTML via the status parameter in a search action.
Remediation
References
Related Vulnerabilities
Drupal Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2012-0825)
Perl CVE-2016-6185 Vulnerability (CVE-2016-6185)
WordPress Plugin WP TripAdvisor Review Slider SQL Injection (12.6)
Atlassian Jira CVE-2019-11583 Vulnerability (CVE-2019-11583)
Moodle Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2011-4281)