Description
A stored cross-site scripting (XSS) vulnerability in the component audit/class.audit.php of osTicket-plugins - Storage-FS before commit a7842d494889fd5533d13deb3c6a7789768795ae allows attackers to execute arbitrary web scripts or HTML via a crafted SVG file.
Remediation
References
Related Vulnerabilities
WordPress 3.7.x Multiple Vulnerabilities (3.7 - 3.7.17)
Internet Information Services Improper Input Validation Vulnerability (CVE-1999-0867)
CKEditor Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2023-31541)
Magento Server-Side Request Forgery (SSRF) Vulnerability (CVE-2019-7913)
WordPress Plugin WordPress Download Manager Multiple Vulnerabilities (3.1.24)