Description
In osTicket before 1.12, XSS exists via /upload/file.php, /upload/scp/users.php?do=import-users, and /upload/scp/ajax.php/users/import if an agent manager user uploads a crafted .csv file to the User Importer, because file contents can appear in an error message. The XSS can lead to local file inclusion.
Remediation
References
Related Vulnerabilities
FrontAccounting Multiple SQL Injection Vulnerabilities (CVE-2014-3973)
XOOPS Other Vulnerability (CVE-2006-5810)
Oracle JRE CVE-2019-2945 Vulnerability (CVE-2019-2945)
WordPress Plugin Gallery by BestWebSoft Arbitrary File Disclosure (3.8.3)
WordPress Plugin Homepage SlideShow Arbitrary File Upload (2.3)