openSUSE Security Update : otrs (openSUSE-SU-2012:1105-1)

A security issue in otrs was fixed : - OSA-2012-1, http://otrs.org/advisory/ %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from openSUSE Security Update openSUSE-2012-564. The text description of this plugin is C SUSE LL...

OTRS ITSM 'Body' Field HTML Injection Vulnerability (OSA-2012-01)

OTRS Open Ticket Request System or OTRS:ITSM is prone to HTML injection vulnerability. SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only if...

[SECURITY] [DSA 2536-1] otrs2 security update

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------- Debian Security Advisory DSA-2536-1 [email protected] http://www.debian.org/security/ Florian Weimer August 30, 2012 http://www.debian.org/security/faq -...

CVE-2012-2582

CVE-2012-2582 details multiple XSS vulnerabilities in OTRS/OTRS ITSM. A remote attacker can inject arbitrary script via an email body using (1) CSS in STYLE attributes or (2) UTF-7 in an HTTP-EQUIV=CONTENT-TYPE META element. Affected: OTRS/OTRS ITSM releases where 2.4.x < 2.4.13, 3.0.x < 3....

Open Technology Real Services cross-site scripting vulnerability

Overview Open Technology Real Services OTRS is susceptible to a cross-site scripting vulnerability. Description Open Technology Real Services OTRS contains a cross-site scripting CWE-79 vulnerability in the email body. An attacker may be able to load arbitrary script in the context of the user's...