Описание
An issue was discovered in Open Ticket Request System (OTRS) 7.0.x through 7.0.7, Community Edition 6.0.x through 6.0.19, and Community Edition 5.0.x through 5.0.36. An attacker could send a malicious email to an OTRS system. If a logged-in agent user quotes it, the email could cause the browser to load external image resources.
| Релиз | Статус | Примечание |
|---|---|---|
| bionic | ignored | end of standard support, was needed |
| cosmic | ignored | end of life |
| devel | DNE | |
| disco | ignored | end of life |
| eoan | not-affected | 6.0.19-1 |
| esm-apps/bionic | needed | |
| esm-apps/focal | not-affected | 6.0.19-1 |
| esm-apps/jammy | not-affected | 6.0.19-1 |
| esm-apps/xenial | needed | |
| esm-infra-legacy/trusty | DNE |
Показывать по
EPSS
4.3 Medium
CVSS2
4.3 Medium
CVSS3
Связанные уязвимости
An issue was discovered in Open Ticket Request System (OTRS) 7.0.x through 7.0.7, Community Edition 6.0.x through 6.0.19, and Community Edition 5.0.x through 5.0.36. An attacker could send a malicious email to an OTRS system. If a logged-in agent user quotes it, the email could cause the browser to load external image resources.
An issue was discovered in Open Ticket Request System (OTRS) 7.0.x thr ...
An issue was discovered in Open Ticket Request System (OTRS) 7.0.x through 7.0.7, Community Edition 6.0.x through 6.0.19, and Community Edition 5.0.x through 5.0.36. An attacker could send a malicious email to an OTRS system. If a logged-in agent user quotes it, the email could cause the browser to load external image resources.
EPSS
4.3 Medium
CVSS2
4.3 Medium
CVSS3