A SQL injection vulnerability in the "Search" functionality of "tickets.php" page in osTicket 1.15.x allows authenticated attackers to execute arbitrary SQL commands via the "keywords" and "topic_id" URL parameters combination.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: mitre
Published: 2023-09-08T00:00:00
Updated: 2024-08-04T04:54:29.513Z
Reserved: 2021-12-27T00:00:00
Link: CVE-2021-45811
Vulnrichment
No data.
NVD
Status : Analyzed
Published: 2023-09-08T02:15:07.877
Modified: 2023-09-18T18:55:34.450
Link: CVE-2021-45811
Redhat
No data.