Auth bypass in Osticket
CVE-2026-14871
osTicket versions v1.18.3 and v1.17.7 contain a Broken Object Level Authorization (BOLA) leading to Insecure Direct Object Reference (IDOR) in the AJAX ticket-management subsystem.
Vulnerability class: Broken Access Control
Affected products
- Osticket — versions v1.18.3, v1.17.7
Weakness classification (CWE)
References
- help@fluidattacks.com (third-party-advisory)
- help@fluidattacks.com (third-party-advisory)
- help@fluidattacks.com (product)
- help@fluidattacks.com (patch)
- help@fluidattacks.com (patch)