osTicket prior to v1.17.6 and v1.18.2 are vulnerable to Broken Access Control Vulnerability in /scp/ajax.php.
2025-06-02T18:15:24.517
2025-06-05T14:11:24.113
Analyzed
CVSSv3.1: 5.4 (MEDIUM)
| Type | Vendor | Product | Version/Range | Vulnerable? |
|---|---|---|---|---|
| Application | osticket | osticket | < 1.17.6 | Yes |
| Application | osticket | osticket | < 1.18.2 | Yes |