| Max CVSS | 6.8 | Min CVSS | 3.5 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2019-14749 | 6.8 |
An issue was discovered in osTicket before 1.10.7 and 1.12.x before 1.12.1. CSV (aka Formula) injection exists in the export spreadsheets functionality. These spreadsheets are generated dynamically from unvalidated or unfiltered user input in the Nam
|
24-08-2020 - 17:37 | 07-08-2019 - 17:15 | |
| CVE-2019-14748 | 3.5 |
An issue was discovered in osTicket before 1.10.7 and 1.12.x before 1.12.1. The Ticket creation form allows users to upload files along with queries. It was found that the file-upload functionality has fewer (or no) mitigations implemented for file c
|
14-08-2019 - 15:29 | 07-08-2019 - 17:15 | |
| CVE-2019-14750 | 4.3 |
An issue was discovered in osTicket before 1.10.7 and 1.12.x before 1.12.1. Stored XSS exists in setup/install.php. It was observed that no input sanitization was provided in the firstname and lastname fields of the application. The insertion of mali
|
14-08-2019 - 15:15 | 07-08-2019 - 17:15 |