Описание
SSRF exists in osTicket before 1.14.3, where an attacker can add malicious file to server or perform port scanning.
SSRF exists in osTicket before 1.14.3, where an attacker can add malicious file to server or perform port scanning.
Ссылки
- https://nvd.nist.gov/vuln/detail/CVE-2020-24881
- https://github.com/osTicket/osTicket/commit/d98c2d096aeb8876c6ab2f88317cd371d781f14d
- https://blackbatsec.medium.com/cve-2020-24881-server-side-request-forgery-in-osticket-eea175e147f0
- http://packetstormsecurity.com/files/160995/osTicket-1.14.2-Server-Side-Request-Forgery.html
Связанные уязвимости
CVSS3: 9.8
nvd
больше 5 лет назад
SSRF exists in osTicket before 1.14.3, where an attacker can add malicious file to server or perform port scanning.