osTicket
Introduction
Open-source support ticketing system
The core function of osTicket is to inform the company's employees about a problem with a service or other component so that it can be solved.
osTicket version 1.14.1 suffers from CVE-2020-24881, an SSRF vulnerability. If exploited, this type of flaw may be leveraged to gain access to internal resources or perform internal port scanning.
Aside from web application-related vulnerabilities, support portals can sometimes be used to obtain an email address for a company domain, which can be used to sign up for other exposed applications requiring an email verification to be sent.