A stored cross-site scripting (XSS) vulnerability in Enhancesoft osTicket v1.17.2 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Label input parameter when updating a custom list.
{ "versions": [ { "introduced": "0" }, { "last_affected": "1.17.2" } ] }
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2023-27149.json"