Web Application Vulnerabilities Runtime SCA Findings
Looking for the vulnerability index of Invicti's legacy products?
Invicti Enterprise Acunetix Standard & Premium

Customer Support

osTicket

osTicket is a widely-used open source support ticket system. It seamlessly integrates inquiries created via email and web-based forms into a simple easy to use multi-user web interface. Easily manage organize and archive all your support requests and responses in one place while providing your clients with accountability and responsiveness they deserve.

Official Site:

http://osticket.com/

Severity Summary:

Critical: 4 High: 9 Medium: 35 Low: 1
Reference
Title
Severity
CVE-2018-7194
osTicket Integer Overflow or Wraparound Vulnerability
Medium
CVE-2019-13397
osTicket Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
Medium
CVE-2020-24917
osTicket Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
Medium
CVE-2020-16193
osTicket Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
Medium
CVE-2019-14750
osTicket Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
Medium
CVE-2019-14748
osTicket Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
Medium
CVE-2019-11537
osTicket Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
Medium
CVE-2018-7196
osTicket Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
Medium
CVE-2018-7193
osTicket Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
Medium
CVE-2005-1436
osTicket Other Vulnerability
Medium
CVE-2018-7192
osTicket Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
Medium
CVE-2014-4744
osTicket Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
Medium
CVE-2017-15362
osTicket Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
Medium
CVE-2015-1347
osTicket Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
Medium
CVE-2015-1176
osTicket Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
Medium
CVE-2010-4634
osTicket Improper Limitation of a Pathname to a Restricted Directory (Path Traversal) Vulnerability
Medium
CVE-2020-12629
osTicket Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
Medium
CVE-2026-26895
osTicket Observable Discrepancy Vulnerability
Medium
CVE-2010-0606
osTicket Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
Low