CVE-2025-45387 | osTicket up to 1.17.5/1.18.1 /scp/ajax.php access control

A vulnerability, which was classified as critical, was found in osTicket up to 1.17.5/1.18.1. Affected is an unknown function of the file /scp/ajax.php. The manipulation leads to improper access controls.

This vulnerability is traded as CVE-2025-45387. Access to the local network is required for this attack. There is no exploit available.

It is recommended to upgrade the affected component.VulDB Recent EntriesRead More