Security Advisory
CVE-2020-16193
CVE vulnerability detail — eXtreme Datacenter Security Operations
Description
osTicket before 1.14.3 allows XSS because include/staff/banrule.inc.php has an unvalidated echo $info[notes] call.
CVE vulnerability detail — eXtreme Datacenter Security Operations
osTicket before 1.14.3 allows XSS because include/staff/banrule.inc.php has an unvalidated echo $info[notes] call.