Description
A stored cross-site scripting (XSS) vulnerability in Enhancesoft osTicket v1.17.2 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Label input parameter when updating a custom list.
Remediation
References
Related Vulnerabilities
Magento Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2019-7912)
MySQL CVE-2016-0653 Vulnerability (CVE-2016-0653)
Django DEPRECATED: Code Vulnerability (CVE-2015-0222)
MySQL CVE-2017-3454 Vulnerability (CVE-2017-3454)
WordPress Plugin Extensive VC Addons for WPBakery page builder Local File Inclusion (1.9)