Security Advisory

CVE-2020-24917

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2020-08-30 15:45:41
Last updated 2024-08-04 15:26:07
Assigner mitre
State PUBLISHED

Description

osTicket before 1.14.3 allows XSS via a crafted filename to DraftAjaxAPI::_uploadInlineImage() in include/ajax.draft.php.

← Browse all CVEs View on cve.org ↗