CVE-2015-1176

CVE-2015-1176CVE-2015-1176

enhancesoft / osticket

Description

Cross-site scripting (XSS) vulnerability in upload/scp/tickets.php in osTicket before 1.9.5 allows remote attackers to inject arbitrary web script or HTML via the status parameter in a search action.

Scoring

CVSS 4.3 ()
VectorAV:N/AC:M/Au:N/C:N/I:P/A:N
Last modified2026-07-10
Sourced from NVD. Curated for EU compliance use cases by Adam Lundqvist, Founder at SQUR.