← back
CVE-2022-31888

CVE-2022-31888

CVSS 8.8 HIGHEPSS 1.2%CWE-384
Session Fixation vulnerability in in function login in class.auth.php in osTicket through 1.16.2.
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Affected products
n/a · n/a

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://checkmarx.com/blog/securing-open-source-solutions-a-study-of-osticket-vulnerabilities/https://github.com/osTicket/osTicket/commit/85a76f403a3a116176d0798f39a4c430181d8364https://github.com/osTicket/osTicket/releases/tag/v1.16.3