OTRS (Open Ticket Request System) Email Attachment XSS

2005-11-22T11:56:10
ID OSVDB:21066
Type osvdb
Reporter Moritz Naumann (security@moritz-naumann.com)
Modified 2005-11-22T11:56:10

Description

Vulnerability Description

OTRS contains a flaw that allows a remote cross-site scripting attack. The flaw exists because the application does not validate HTML attachments before presenting them. An attacker could attach a specially crafted file that, when viewed, executes arbitrary script in the user's browser within the trust relationship between that browser and the OTRS server, leading to a loss of integrity.
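The root cause described above is an attachment that the browser renders as a page in the ticket system's own origin. The following is an added example, written for this page and not code from OTRS or from the advisory's author, of how a ticket application can hand out user-supplied attachments so that active content is never rendered inline: the helper names, the list of "safe inline" types and the sample attachments are assumptions.

```python
# Added example: response headers for serving user-supplied ticket attachments
# defensively. Not OTRS code; SAFE_INLINE_TYPES, ACTIVE_TYPES and the helper
# names are assumptions made for this illustration.
import re

# Types the application is willing to show inline in the browser (assumption).
SAFE_INLINE_TYPES = {"image/png", "image/jpeg", "image/gif", "text/plain", "application/pdf"}

# Types a browser would execute as active content if rendered in-origin.
ACTIVE_TYPES = {"text/html", "application/xhtml+xml", "image/svg+xml",
                "text/xml", "application/xml"}


def safe_filename(name):
    """Reduce an attacker-controlled filename to characters that cannot break
    the Content-Disposition header or carry path separators."""
    return re.sub(r"[^\w.\-]", "_", name)


def attachment_headers(filename, content_type):
    """Return the HTTP headers for one attachment download.

    Only a small allow-list of types is served inline; everything else,
    including any HTML attachment, is forced to download as an opaque blob.
    """
    base_type = content_type.split(";")[0].strip().lower()
    inline = base_type in SAFE_INLINE_TYPES and base_type not in ACTIVE_TYPES
    disposition = "inline" if inline else "attachment"
    return {
        # Never echo a declared HTML type back; downloads get a neutral type.
        "Content-Type": base_type if inline else "application/octet-stream",
        "Content-Disposition": f'{disposition}; filename="{safe_filename(filename)}"',
        # Stop the browser from second-guessing the type and sniffing HTML.
        "X-Content-Type-Options": "nosniff",
        # Defence in depth: if something is rendered anyway, it gets no script
        # and an opaque origin, so it cannot act as the logged-in agent.
        "Content-Security-Policy": "sandbox",
    }


if __name__ == "__main__":
    # Constructed sample attachments, as they might arrive by e-mail.
    for name, ctype in [("report.html", "text/html"),
                        ("photo.png", "image/png; charset=binary"),
                        ('inv"oice\r\n.html', "text/html")]:
        print(name, "->", attachment_headers(name, ctype))
```

The important choice is the allow-list: a deny-list of "dangerous" types misses the next format browsers decide to render, whereas an allow-list of a few media types fails closed. The `nosniff` header matters even for the allow-listed types, because without it a browser may reinterpret a file declared as `text/plain` as HTML.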

Solution Description

Upgrade to version 2.0.4 or higher, or to 1.3.3 or higher, as these releases have been reported to fix this vulnerability. An upgrade is required, as there are no known workarounds.

References:

Vendor URL: http://www.otrs.org/
Vendor Specific Advisory URL
Security Tracker: 1015262
Secunia Advisory ID: 18101
Secunia Advisory ID: 18887
Secunia Advisory ID: 17685
Related OSVDB ID: 21065
Related OSVDB ID: 21067
Related OSVDB ID: 21064
Other Advisory URL: http://www.novell.com/linux/security/advisories/2005_30_sr.html
Other Advisory URL: http://moritz-naumann.com/adv/0007/otrsmulti/0007.txt
Mail List Post: http://archives.neohapsis.com/archives/fulldisclosure/2005-11/0705.html
CVE: CVE-2005-3895
Bugtraq ID: 15537