Loading...

Ready to See Your True Attack Surface?

Join thousands of security teams who trust ZeroVault to discover vulnerabilities before attackers do. Get started with a personalized demo.

osTicket before 1.14.3 allows XSS via a crafted filename to DraftAjaxAPI::_uploadInlineImage() in include/ajax.draft.php.