CVE-2022-31889: xss: Audit Log · osTicket/osTicket-plugins@047a1c3

Cross Site Scripting (XSS) vulnerability in audit/templates/auditlogs.tmpl.php in osTicket osTicket-plugins before commit a7842d494889fd5533d13deb3c6a7789768795ae.

Category: CVE
Tags: #xss #vulnerability #php

@@ -3,18 +3,18 @@

$qs = array();

if($_REQUEST[‘type’])

$qs += array(‘type’ => $_REQUEST[‘type’]);

$qs += array(‘type’ => Format::htmlchars($_REQUEST[‘type’]));

$type=’D’;

if ($_REQUEST[‘type’])

$type=$_REQUEST[‘type’];

$type=Format::htmlchars($_REQUEST[‘type’]);

if($_REQUEST[‘state’])

$qs += array(‘state’ => $_REQUEST[‘state’]);

$qs += array(‘state’ => Format::htmlchars($_REQUEST[‘state’]));

$state=__(‘All’);

if ($_REQUEST[‘state’])

$state=$_REQUEST[‘state’];

$state=Format::htmlchars($_REQUEST[‘state’]);

//dates

$startTime =($_REQUEST[‘startDate’] && (strlen($_REQUEST[‘startDate’])>=8))?strtotime($_REQUEST[‘startDate’]):0;
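Review bot: the fix escapes at input rather than at output, which is fragile: `$type` and `$state` are now stored as HTML-escaped strings, so any later comparison of `$type` against a literal such as `'D'` or reuse of `$state` outside an HTML context sees the escaped form, while the trailing `$startTime` context line still consumes `$_REQUEST['startDate']` raw. Keep the raw request values in the variables and call `Format::htmlchars()` at the point where they are echoed into the template, and use `isset($_REQUEST['type'])` / `isset($_REQUEST['state'])` instead of `if($_REQUEST['type'])` so a missing parameter does not raise an undefined-index notice.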

@@ -28,7 +28,7 @@

if($endTime)

$qs += array(‘endDate’ => $_REQUEST[‘endDate’]);

}

$order = AuditEntry::getOrder($_REQUEST[‘order’]);

$order = AuditEntry::getOrder(Format::htmlchars($_REQUEST[‘order’]));

$qs += array(‘order’ => (($order==’DESC’) ? ‘ASC’ : ‘DESC’));

$qstr = '&’. Http::build_query($qs);
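Review bot: `Format::htmlchars()` only neutralises HTML metacharacters, so wrapping `$_REQUEST['order']` before `AuditEntry::getOrder()` does not validate it as a sort direction; the related advisory on this page (CVE-2022-31890) reports SQL injection through that same `order` parameter in `getOrder`, so the value should be restricted to `ASC` or `DESC` (in `getOrder` or before the call) rather than HTML-escaped. The unchanged `$qs += array('endDate' => $_REQUEST['endDate'])` line also still stores the raw request value while `type` and `state` were escaped in the first hunk; either apply the same treatment to `endDate` and `startDate` or document that `Http::build_query()` encodes every `$qs` value when `$qstr` is built.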

Related news

CVE-2022-31890: Securing Open-Source Solutions: A Study of osTicket Vulnerabilities

SQL Injection vulnerability in audit/class.audit.php in osTicket osTicket-plugins before commit a7842d494889fd5533d13deb3c6a7789768795ae via the order parameter to the getOrder function.
