Lucene search

K

CERTVU:511404

HistoryAug 30, 2012 - 12:00 a.m.

Open Technology Real Services nested tags cross-site scripting vulnerability

2012-08-3000:00:00

www.kb.cert.org

20

CVSS2

2.6

Attack Vector

NETWORK

Attack Complexity

HIGH

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:H/Au:N/C:N/I:P/A:N

EPSS

0.003

Percentile

66.2%

Overview

Open Technology Real Services (OTRS) is susceptible to a cross-site scripting vulnerability when viewing HTML webpages with nested tags.

Description

Open Technology Real Services (OTRS) contains a cross-site scripting (CWE-79) vulnerability in the email body. An attacker may be able to load arbitrary script in the context of the user’s browser when they view a specifically crafted email message containing an invalid HTML structure with nested tags.

Proof-of-Concept:

<s<script>...</script><script>...<cript type="text/javascript"> document.write("Hello World!"); alert('Mike was here!');; </s<script>//<cript>

Additional details may be found in the OTRS advisory.

Impact

An attacker may be able to execute arbitrary script in the context of the user’s browser.

Solution

Apply an Update

The OTRS advisory states: This vulnerability is fixed in OTRS 2.4.14, 3.0.16 and 3.1.10 and it is recommended to upgrade to one of these versions.

Vendor Information

511404

Filter by status: All Affected Not Affected Unknown

Filter by content: __ Additional information available

__ Sort by: Status Alphabetical

Expand all

Javascript is disabled. Click here to view vendors.

OTRS Affected

Notified: August 27, 2012 Updated: August 30, 2012

Status

Affected

Vendor Statement

We have not received a statement from the vendor.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

Vendor References

<http://www.otrs.com/de/open-source/community-news/security-advisories/security-advisory-2012-02/>

CVSS Metrics

Group	Score	Vector
Base	6.1	AV:N/AC:H/Au:N/C:P/I:C/A:N
Temporal	4.8	E:POC/RL:OF/RC:C
Environmental	4.8	CDP:ND/TD:ND/CR:ND/IR:ND/AR:ND

References

Acknowledgements

Thanks to Mike Eduard of Znuny GmbH for reporting this vulnerability.

This document was written by Michael Orlando.

Other Information

CVE IDs:	CVE-2012-4600
Date Public:	2012-08-30 Date First Published:

References

cwe.mitre.org/data/definitions/79.html

www.otrs.com/de/open-source/community-news/security-advisories/security-advisory-2012-02/

znuny.com/en/#!/advisory/ZSA-2012-02

CVSS2

2.6

Attack Vector

NETWORK

Attack Complexity

HIGH

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:H/Au:N/C:N/I:P/A:N

EPSS

0.003

Percentile

66.2%

Related for VU:511404

freebsd2 prion1 nessus5 ubuntucve1 openvas2 debiancve1 packetstorm1 nvd1 cve1 cvelist1 exploitdb2 osv1