Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
mageiaGentoo FoundationMGASA-2014-0194
HistoryApr 24, 2014 - 11:11 p.m.

Updated otrs packages fix multiple vulnerabilities

2014-04-2423:11:34
Gentoo Foundation
advisories.mageia.org
12

4.3 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

0.002 Low

EPSS

Percentile

52.4%

JSON

Updated otrs package fixes security vulnerabilities: A logged in attacker could insert special content in dynamic fields, leading to JavaScript code being executed in OTRS (CVE-2014-2553). An attacker could embed OTRS in a hidden iframe tag of another page, tricking the user into clicking links in OTRS (CVE-2014-2554).

OSVersionArchitecturePackageVersionFilename
Mageia3noarchotrs< 3.2.16-1otrs-3.2.16-1.mga3
Mageia4noarchotrs< 3.2.16-1otrs-3.2.16-1.mga4

Related

nessus 4
openvas 4
securityvulns 2
osv 1
debian 1
prion 2
cve 2
debiancve 2
seebug 2
freebsd 1
ubuntucve 2
nessus
nessus
Mandriva Linux Security Advisory : otrs (MDVSA-2014:111)
2014-06-10 00:00:00
openSUSE Security Update : otrs (openSUSE-SU-2014:0561-1)
2014-06-13 00:00:00
Debian DLA-1119-1 : otrs2 security update
2017-10-02 00:00:00
openvas
openvas
OTRS Help Desk Cross Site Scripting/Clickjacking Vulnerability
2014-04-03 00:00:00
OTRS Help Desk 3.1.x < 3.1.21, 3.2.x < 3.2.16, 3.3.x < 3.3.6 Multiple Vulnerabilities
2014-04-07 00:00:00
Mageia: Security Advisory (MGASA-2014-0194)
2022-01-28 00:00:00
securityvulns
securityvulns
[ MDVSA-2014:111 ] otrs
2014-06-14 00:00:00
Web applications security vulnerabilities summary &#40;PHP, ASP, JSP, CGI, Perl&#41;
2014-06-14 00:00:00
osv
osv
otrs2 - security update
2017-09-30 00:00:00
debian
debian
[SECURITY] [DLA 1119-1] otrs2 security update
2017-09-30 19:35:53
prion
prion
Code injection
2014-04-23 15:55:00
Cross site scripting
2014-04-02 16:05:00
cve
cve
CVE-2014-2553
2014-04-02 16:05:00
CVE-2014-2554
2014-04-23 15:55:00
debiancve
debiancve
CVE-2014-2554
2014-04-23 15:55:00
CVE-2014-2553
2014-04-02 16:05:00
seebug
seebug
OTRS Help Desk跨站脚本漏洞
2014-04-02 00:00:00
OTRS Help Desk点击劫持漏洞
2014-04-02 00:00:00
freebsd
freebsd
otrs -- Clickjacking issue
2014-04-01 00:00:00
ubuntucve
ubuntucve
CVE-2014-2553
2014-04-02 00:00:00
CVE-2014-2554
2014-04-23 00:00:00

4.3 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

0.002 Low

EPSS

Percentile

52.4%

JSON
Related for MGASA-2014-0194
nessus4openvas4securityvulns2osv1debian1prion2cve2debiancve2seebug2freebsd1ubuntucve2