Описание
An issue was discovered in Open Ticket Request System (OTRS) 6.0.x before 6.0.12. An attacker could send an e-mail message with a malicious link to an OTRS system or an agent. If a logged-in agent opens this link, it could cause the execution of JavaScript in the context of OTRS.
| Релиз | Статус | Примечание |
|---|---|---|
| bionic | ignored | end of standard support, was needed |
| cosmic | ignored | end of life |
| devel | DNE | |
| disco | not-affected | 6.0.13-1 |
| eoan | not-affected | 6.0.13-1 |
| esm-apps/bionic | needed | |
| esm-apps/focal | not-affected | 6.0.13-1 |
| esm-apps/jammy | not-affected | 6.0.13-1 |
| esm-apps/xenial | not-affected | |
| esm-infra-legacy/trusty | DNE | trusty/esm was DNE [trusty was not-affected] |
Показывать по
EPSS
6.1 Medium
CVSS3
Связанные уязвимости
An issue was discovered in Open Ticket Request System (OTRS) 6.0.x before 6.0.12. An attacker could send an e-mail message with a malicious link to an OTRS system or an agent. If a logged-in agent opens this link, it could cause the execution of JavaScript in the context of OTRS.
An issue was discovered in Open Ticket Request System (OTRS) 6.0.x bef ...
An issue was discovered in Open Ticket Request System (OTRS) 6.0.x before 6.0.12. An attacker could send an e-mail message with a malicious link to an OTRS system or an agent. If a logged-in agent opens this link, it could cause the execution of JavaScript in the context of OTRS.
EPSS
6.1 Medium
CVSS3