Cross-site Scripting Vulnerability in Support Cards by osTicket
CVE-2006-6733

Currently unrated

Key Information:

Vendor: Osticket
Status: Osticket Sts
Vendor: CVE Published:; 26 December 2006

What is CVE-2006-6733?

A cross-site scripting (XSS) vulnerability exists in the Support Cards module of osTicket, specifically within the support/view.php file. This flaw permits remote attackers to inject arbitrary web scripts or HTML through the 'e' parameter. Such exploitation can lead to unauthorized access to sensitive information, session hijacking, or defacement of the affected user interface, thus undermining the integrity and security of the application.

References

http://www.securityfocus.com/bid/21669

vdb-entryx_refsource_BID

http://securityreason.com/securityalert/2076

third-party-advisoryx_refsource_SREASON

http://www.securityfocus.com/archive/1/454856/100/0/threaded

mailing-listx_refsource_BUGTRAQ

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Dec 26, 2006
Vulnerability Reserved
Dec 26, 2006

CVE-2006-6733 Data

JSON

Osticket

What is CVE-2006-6733?

References

Timeline