CVE-2014-1695

EPSS 3.6%

otrs2 - security update

Published: 3/1/2014Modified: 4/28/2026

Also known as:DEBIAN-CVE-2014-1695

Description

Cross-site scripting (XSS) vulnerability in Open Ticket Request System (OTRS) 3.1.x before 3.1.20, 3.2.x before 3.2.15, and 3.3.x before 3.3.5 allows remote attackers to inject arbitrary web script or HTML via a crafted HTML email.

Affected packages (2)

Debian/otrs2from 0, < 3.3.5-1
Debian/otrs2from 0, < 3.3.18-1~deb7u1

References (1)

ADVISORYhttps://security-tracker.debian.org/tracker/CVE-2014-1695