CVE-2024-21728

CVE-2024-21728: Extension - smartcalc.es - Open redirect vulnerability in osTicky component for Joomla <= 2.2.8

Vendor Smartcalc.es
Product osTicky component for Joomla
Weakness CWE-601 · Open redirect
Published February 15, 2024
Last update December 4, 2024

CVSS base score

What the vulnerability does

01Description

An Open Redirect vulnerability was found in osTicky2 below 2.2.8. osTicky (osTicket Bridge) by SmartCalc is a Joomla 3.x extension that provides Joomla fronted integration with osTicket, a popular Support ticket system. The Open Redirect vulnerability allows attackers to control the return parameter in the URL to a base64 malicious URL.

Key dates

02Disclosure timeline

February 15, 2024 CVE published
December 4, 2024 Record updated