A vulnerability was found in Enhancesoft osTicket up to 1.12.5 (Ticket Tracking Software). It has been classified as problematic. This affects an unknown code block of the file include/ajax.search.php of the component Parameter Handler. Upgrading to version 1.12.6 eliminates this vulnerability. Applying a patch is able to eliminate this problem. The bugfix is ready for download at github.com. The best possible mitigation is suggested to be upgrading to the latest version.
Enhancesoft osTicket up to 1.12.5 Parameter include/ajax.search.php queue-name cross site scripting
- Virtual Patching
- June 29, 2021
- 6:05 am
CVE-2024-2558 : TENDA AC18 15.03.05.05 /GOFORM/EXECCOMMAND FORMEXECOMMAND CMDINPUT STACK-BASED OVERFLOW
Description A vulnerability was found in Tenda AC18 15.03.05.05. It has been rated as critical. This issue affects the function
CVE-2024-28746 : APACHE AIRFLOW 2.8.0/2.8.1/2.8.2 UI IMPROPER AUTHENTICATION
Description Apache Airflow, versions 2.8.0 through 2.8.2, has a vulnerability that allows an authenticated user with limited permissions to access
CVE-2024-2413 : INTUMIT SMARTROBOT UP TO 6.1.2-202212TW HARD-CODED KEY
Description Intumit SmartRobot uses a fixed encryption key for authentication. Remote attackers can use this key to encrypt a string