Enhancesoft: >> Osticket >> 1.16.6 Security Vulnerabilities
User enumeration vulnerability in /pwreset.php in osTicket v1.18.2 allows remote attackers to enumerate valid usernames registered in the platform.
CVSS Score
5.3
EPSS Score
0.0
Published
2026-04-02
Cross Site Scripting vulnerability in the sanitize function in Enhancesoft osTicket 1.18.0 allows a remote attacker to escalate privileges via a crafted support ticket.
CVSS Score
6.1
EPSS Score
0.001
Published
2024-02-20