osticket / osticket
Project repository
The osTicket open source ticketing system official project repository, for versions 1.8 and later
FIRST INTERACTION: WITHIN 1 DAY
REVIEW: WITHIN 63 DAYS
FIX: WITHIN 116 DAYS
private FAQ can
Jun 17th 2023 • lujiefsi • pending
An agent without permission has the ability to update, add, or delete FAQ items
Oct 25th 2023 • lujiefsi • High
Improper Restriction of Rendered UI Layers or Frames
Jun 14th 2023 • endansdto • Medium
Missing SPF Record
Mar 20th 2023 • abdolzx • not applicable
XSS Stored in Caption Image
Jun 14th 2023 • cupc4k3 • Medium
Stored XSS in Role Name
Jan 18th 2023 • henry1601 • duplicate • High
Stored XSS in Roles
Mar 10th 2023 • venomnis • Medium • CVE-2023-1319
Multiple XSS Vulnerabilities in Queue Condition
Mar 10th 2023 • venomnis • Medium • CVE-2023-1318
Reflected XSS in Organizations Search
Mar 10th 2023 • venomnis • Medium • CVE-2023-1317
Reflected XSS in Advanced Ticket Search
Mar 10th 2023 • venomnis • Medium • CVE-2023-1315
XSS Stored in Email
Mar 10th 2023 • edr4 • Medium • CVE-2023-1316
Insufficient Filtering of Format::sanitize and Format::htmlchars()
Aug 3rd 2022 • legoclones • pending
Reflected XSS in Username
Dec 2nd 2022 • legoclones • High • CVE-2022-4271
Use of a Broken or Risky Cryptographic Algorithm
Dec 3rd 2021 • dev696 • pending
Cross-site Scripting (XSS) - Stored
Mar 10th 2023 • theworstcomrade • High • $20 • CVE-2023-1320
Observable Response Discrepancy
Oct 18th 2021 • haxatron • Medium • $40
Improper Restriction of Rendered UI Layers or Frames
Oct 18th 2021 • haxatron • Medium • $40
Server-Side Request Forgery (SSRF)
Oct 18th 2021 • haxatron • Medium • $40
CRITICAL: $0
HIGH: $0
MEDIUM: $0
LOW: $0