CVE-2014-1695

EPSS 3.6%

otrs2 - security update

發布日:2014/3/1修改日:2026/4/28

描述

Cross-site scripting (XSS) vulnerability in Open Ticket Request System (OTRS) 3.1.x before 3.1.20, 3.2.x before 3.2.15, and 3.3.x before 3.3.5 allows remote attackers to inject arbitrary web script or HTML via a crafted HTML email.

受影響套件(2)

Debian/otrs2from 0, < 3.3.5-1
Debian/otrs2from 0, < 3.3.18-1~deb7u1

參考連結(1)

ADVISORYhttps://security-tracker.debian.org/tracker/CVE-2014-1695