Just published at Exploit-db
http://www.exploit-db.com/exploits/15471(http://www.exploit-db.com/exploits/15471)
Any hotfix released?
// rancor
Unless I'm reading that wrong, it doesn't look like an osTicket vulnerability. It looks like someone's made an osTicket module for... something? and the module modifications they've made to whatever CMS/script they've made it on are what's insecure.
The vulnerability has nothing to do with osTicket. I've made numerous attempts to contact the retarded "security researcher" involved but I've got no response yet! :
