Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cve[email protected]CVE-2014-1695
HistoryMar 01, 2014 - 12:01 a.m.

CVE-2014-1695

2014-03-0100:01:00
CWE-79
[email protected]
web.nvd.nist.gov
31
cve-2014-1695
cross-site scripting
xss
otrs
remote attackers
web script
html
email
vulnerability
nvd

7 High

AI Score

Confidence

High

4.3 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

0.043 Low

EPSS

Percentile

92.3%

JSON

Cross-site scripting (XSS) vulnerability in Open Ticket Request System (OTRS) 3.1.x before 3.1.20, 3.2.x before 3.2.15, and 3.3.x before 3.3.5 allows remote attackers to inject arbitrary web script or HTML via a crafted HTML email.

Related

prion 1
packetstorm 1
zdt 1
nessus 4
freebsd 1
debiancve 1
exploitpack 1
ubuntucve 1
securityvulns 2
mageia 1
cvelist 1
openvas 3
exploitdb 1
osv 1
debian 1
prion
prion
Cross site scripting
2014-03-01 00:01:00
packetstorm
packetstorm
OTRS 3.x Cross Site Scripting
2015-04-27 00:00:00
zdt
zdt
OTRS < 3.1.x & < 3.2.x & < 3.3.x - Stored Cross-Site Scripting (XSS) Vulnerability
2015-04-27 00:00:00
nessus
nessus
openSUSE Security Update : otrs (openSUSE-SU-2014:0360-1)
2014-06-13 00:00:00
FreeBSD : otrs -- XSS Issue (70b72a52-9e54-11e3-babe-60a44c524f57)
2014-02-26 00:00:00
Mandriva Linux Security Advisory : otrs (MDVSA-2014:054)
2014-03-14 00:00:00
freebsd
freebsd
otrs -- XSS Issue
2014-02-25 00:00:00
debiancve
debiancve
CVE-2014-1695
2014-03-01 00:01:00
exploitpack
exploitpack
OTRS 3.1.x 3.2.x 3.3.x - Persistent Cross-Site Scripting
2015-04-27 00:00:00
ubuntucve
ubuntucve
CVE-2014-1695
2014-03-01 00:00:00
securityvulns
securityvulns
[ MDVSA-2014:054 ] otrs
2014-05-05 00:00:00
Web applications security vulnerabilities summary &#40;PHP, ASP, JSP, CGI, Perl&#41;
2014-05-05 00:00:00
mageia
mageia
Updated otrs package fixes security vulnerability
2014-03-03 00:58:54
cvelist
cvelist
CVE-2014-1695
2014-02-28 17:00:00
openvas
openvas
OTRS Email HTML Injection Vulnerability (OSA-2014-03)
2014-03-04 00:00:00
Mageia: Security Advisory (MGASA-2014-0114)
2022-01-28 00:00:00
Debian: Security Advisory (DLA-1119-1)
2018-02-06 00:00:00
exploitdb
exploitdb
OTRS &lt; 3.1.x / &lt; 3.2.x / &lt; 3.3.x - Persistent Cross-Site Scripting
2015-04-27 00:00:00
osv
osv
otrs2 - security update
2017-09-30 00:00:00
debian
debian
[SECURITY] [DLA 1119-1] otrs2 security update
2017-09-30 19:36:15

7 High

AI Score

Confidence

High

4.3 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

0.043 Low

EPSS

Percentile

92.3%

JSON
Related for CVE-2014-1695
prion1packetstorm1zdt1nessus4freebsd1debiancve1exploitpack1ubuntucve1securityvulns2mageia1cvelist1openvas3exploitdb1osv1debian1