Description

Cross-site Scripting (XSS) - Reflected in GitHub repository osticket/osticket prior to 1.16.4.

Remediation

References

CVE-2022-4271

Related Vulnerabilities

XWiki Incorrect Use of Privileged APIs Vulnerability (CVE-2022-24821)

MySQL CVE-2020-14867 Vulnerability (CVE-2020-14867)

WordPress Plugin Use Any Font Unspecified Vulnerability (4.3.6)

Apache Tomcat Permissions, Privileges, and Access Controls Vulnerability (CVE-2013-0346)

PHP Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2010-2190)

Severity

Medium

Classification

CVE-2022-4271 CWE-707 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N

Tags

Missing Update Known Vulnerabilities