Lucene search
Gentoo FoundationMGASA-2014-0114HistoryMar 03, 2014 - 12:58 a.m.
Updated otrs package fixes security vulnerability
2014-03-0300:58:54
Gentoo Foundation
advisories.mageia.org
5
0.043 Low
EPSS
Percentile
92.3%
An attacker could send a specially prepared HTML email to OTRS. If he can then trick an agent into following a special link to display this email, JavaScript code would be executed (CVE-2014-1695).
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Mageia | 3 | noarch | otrs | < 3.2.15-1 | otrs-3.2.15-1.mga3 |
| Mageia | 4 | noarch | otrs | < 3.2.15-1 | otrs-3.2.15-1.mga4 |
Related
securityvulns
securityvulns
[ MDVSA-2014:054 ] otrs
2014-05-05 00:00:00
nessus
nessus
Mandriva Linux Security Advisory : otrs (MDVSA-2014:054)
2014-03-14 00:00:00
openSUSE Security Update : otrs (openSUSE-SU-2014:0360-1)
2014-06-13 00:00:00
FreeBSD : otrs -- XSS Issue (70b72a52-9e54-11e3-babe-60a44c524f57)
2014-02-26 00:00:00
prion
prion
Cross site scripting
2014-03-01 00:01:00
cve
cve
CVE-2014-1695
2014-03-01 00:01:00
packetstorm
packetstorm
OTRS 3.x Cross Site Scripting
2015-04-27 00:00:00
zdt
zdt
debiancve
debiancve
CVE-2014-1695
2014-03-01 00:01:00
freebsd
freebsd
otrs -- XSS Issue
2014-02-25 00:00:00
exploitpack
exploitpack
OTRS 3.1.x 3.2.x 3.3.x - Persistent Cross-Site Scripting
2015-04-27 00:00:00
ubuntucve
ubuntucve
CVE-2014-1695
2014-03-01 00:00:00
cvelist
cvelist
CVE-2014-1695
2014-02-28 17:00:00
openvas
openvas
OTRS Email HTML Injection Vulnerability (OSA-2014-03)
2014-03-04 00:00:00
Mageia: Security Advisory (MGASA-2014-0114)
2022-01-28 00:00:00
Debian: Security Advisory (DLA-1119-1)
2018-02-06 00:00:00
exploitdb
exploitdb
OTRS < 3.1.x / < 3.2.x / < 3.3.x - Persistent Cross-Site Scripting
2015-04-27 00:00:00
osv
osv
otrs2 - security update
2017-09-30 00:00:00
debian
debian
[SECURITY] [DLA 1119-1] otrs2 security update
2017-09-30 19:36:15