Privilege Escalation via Cross Site Scripting in Enhancesoft osTicket 1.18.0

Privilege Escalation via Cross Site Scripting in Enhancesoft osTicket 1.18.0

CVE-2023-46967 · Severity

Cross Site Scripting vulnerability in the sanitize function in Enhancesoft osTicket 1.18.0 allows a remote attacker to escalate privileges via a crafted support ticket.

Learn more about our Web Application Penetration Testing UK.