cve/CVE-2019-13397.md at 49bdc782b38d7d6d975377fc69b0c94bc5c39b3a

admin/cve

Fork 0

mirror of https://github.com/0xMarcio/cve.git synced 2025-11-30 18:56:19 +00:00

0xMarcio 49bdc782b3 Update Sun May 26 14:27:04 CEST 2024

2024-05-26 14:27:05 +02:00

762 B

Raw Blame History

CVE-2019-13397

Description

Unauthenticated Stored XSS in osTicket 1.10.1 allows a remote attacker to gain admin privileges by injecting arbitrary web script or HTML via arbitrary file extension while creating a support ticket.

POC

Reference

https://medium.com/@sarapremashish/osticket-1-10-1-unauthenticated-stored-xss-allows-an-attacker-to-gain-admin-privileges-6a0348761a3a

Github

https://github.com/ARPSyndicate/cvemon

762 B Raw Blame History

CVE-2019-13397

Description

POC

Reference

Github

762 B

Raw Blame History