CVE-2005-1436

Name of the Vulnerable Software and Affected Versions: osTicket (affected versions not specified)

Description: The issue concerns multiple cross-site scripting (XSS) vulnerabilities. These vulnerabilities allow remote attackers to inject arbitrary web script or HTML via several parameters and fields, including (1) the t parameter to "view.php", (2) the osticket title parameter to "header.php", (3) the em parameter to "admin login.php", (4) the e parameter to "user login.php", (5) the err parameter to "open submit.php", or (6) the name and subject fields when adding a ticket.

Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.