Lucene search
MitreCVELIST:CVE-2019-9752HistoryMar 13, 2019 - 10:00 p.m.
CVE-2019-9752
2019-03-1322:00:00
mitre
www.cve.org
An issue was discovered in Open Ticket Request System (OTRS) 5.x before 5.0.34, 6.x before 6.0.16, and 7.x before 7.0.4. An attacker who is logged into OTRS as an agent or a customer user may upload a carefully crafted resource in order to cause execution of JavaScript in the context of OTRS. This is related to Content-type mishandling in Kernel/Modules/PictureUpload.pm.
References
lists.opensuse.org/opensuse-security-announce/2020-04/msg00038.html
lists.opensuse.org/opensuse-security-announce/2020-09/msg00066.html
lists.opensuse.org/opensuse-security-announce/2020-09/msg00077.html
community.otrs.com/security-advisory-2019-01-security-update-for-otrs-framework
lists.debian.org/debian-lts-announce/2019/03/msg00023.html
Related
osv
osv
CVE-2019-9752
2019-03-13 22:29:00
otrs2 - security update
2019-03-19 00:00:00
prion
prion
Design/Logic Flaw
2019-03-13 22:29:00
ubuntucve
ubuntucve
CVE-2019-9752
2019-03-13 00:00:00
nvd
nvd
CVE-2019-9752
2019-03-13 22:29:00
cve
cve
CVE-2019-9752
2019-03-13 22:29:00
nessus
nessus
Debian DLA-1721-1 : otrs2 security update
2019-03-20 00:00:00
openSUSE Security Update : otrs (openSUSE-2020-551)
2020-04-28 00:00:00
openSUSE Security Update : otrs (openSUSE-2020-1475)
2020-09-23 00:00:00
debian
debian
[SECURITY] [DLA 1721-1] otrs2 security update
2019-03-19 07:48:45
openvas
openvas
Debian: Security Advisory (DLA-1721-1)
2019-03-18 00:00:00
OTRS 7.0.x <= 7.0.3, 6.0.x <= 6.0.15 and 5.0.x <= 5.0.33 RCE Vulnerability
2019-03-18 00:00:00
openSUSE: Security Advisory for Recommended (openSUSE-SU-2020:1475-1)
2020-09-21 00:00:00
debiancve
debiancve
CVE-2019-9752
2019-03-13 22:29:00
suse
suse
Recommended update for otrs (moderate)
2020-09-20 00:00:00
Recommended update for otrs (moderate)
2020-09-23 00:00:00
Recommended update for otrs (moderate)
2020-04-25 00:00:00