SQL Injection Vulnerability in osTicket Login and Password Reset Process
CVE-2021-42235 · CRITICAL Severity
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
SQL injection in osTicket before 1.14.8 and 1.15.4 login and password reset process allows attackers to access the osTicket administration profile functionality.
Learn more about our Web Application Penetration Testing UK.