osTicket versions v1.18.3 and v1.17.7 contain a Broken Object Level Authorization (BOLA) leading to Insecure Direct Object Reference (IDOR) in the AJAX ticket-management subsystem.
Get an AI-powered plain-language explanation of this vulnerability and remediation steps.
Login to generate AI explanation5 reference(s) from NVD