CVE-2026-22200 PoC — Enhancesoft osTicket 注入漏洞

Source

https://github.com/horizon3ai/CVE-2026-22200

Associated Vulnerability

Title:Enhancesoft osTicket 注入漏洞 (CVE-2026-22200)
Description:Enhancesoft osTicket是美国Enhancesoft公司的一套开源的票务系统。 Enhancesoft osTicket 1.18.2及之前版本存在注入漏洞，该漏洞源于票据PDF导出功能存在任意文件读取，可能导致远程攻击者通过特制富文本HTML泄露服务器文件系统中的敏感本地文件。

Description

CVE-2026-22200: Arbitrary file read + CNEXT RCE in osTicket

File Snapshot


 None

Shenlong Bot has cached this for you

Remarks

1. It is advised to access via the original source first.

2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).

3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.

Goal Reached Thanks to every supporter — we hit 100%!