25 matches found
CVE-2010-4762
Cross-site scripting XSS vulnerability in the rich-text-editor component in Open Ticket Request System OTRS before 3.0.0-beta2 allows remote authenticated users to inject arbitrary web script or HTML by using the "source code" feature in the customer interface...
CVE-2010-4761
The CVE-2010-4761 entry describes an information-disclosure flaw in Open Ticket Request System (OTRS) prior to version 3.0.0-beta3. The vulnerability arises in the customer-interface ticket-print dialog, which does not properly restrict customer-visible data, enabling remote authenticated users t...
CVE-2010-4761
The customer-interface ticket-print dialog in Open Ticket Request System OTRS before 3.0.0-beta3 does not properly restrict customer-visible data, which allows remote authenticated users to obtain potentially sensitive information from the 1 responsible, 2 owner, 3 accounted time, 4 pending until...
CVE-2010-4762
Cross-site scripting XSS vulnerability in the rich-text-editor component in Open Ticket Request System OTRS before 3.0.0-beta2 allows remote authenticated users to inject arbitrary web script or HTML by using the "source code" feature in the customer interface...
[waraxe-2008-SA#063] - Information Leakage in Kayako SupportSuite 3.11.01
waraxe-2008-SA063 - Information Leakage in Kayako SupportSuite 3.11.01 =============================================================================== Author: Janek Vind "waraxe" Date: 21. January 2008 Location: Estonia, Tartu Web: http://www.waraxe.us/advisory-63.html Target software description...