CVE-2019-9751

MEDIUM4.8EPSS 0.40%

發布日:2019/3/13修改日:2026/4/28

也稱為:DEBIAN-CVE-2019-9751

描述

An issue was discovered in Open Ticket Request System (OTRS) 6.x before 6.0.17 and 7.x before 7.0.5. An attacker who is logged into OTRS as an admin user may manipulate the URL to cause execution of JavaScript in the context of OTRS. This is related to Kernel/Output/Template/Document.pm.

受影響套件(1)

Debian/otrs2from 0, < 6.0.17-1

CVSS 分數

來源	版本	嚴重程度	向量
osv	CVSS 3.1	MEDIUM4.8	CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N

參考連結(1)

ADVISORYhttps://security-tracker.debian.org/tracker/CVE-2019-9751