19 matches found
Mageia: Security Advisory (MGASA-2014-0114)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Debian: Security Advisory (DLA-1119-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
[SECURITY] [DLA 1119-1] otrs2 security update
Package : otrs2 Version : 3.3.18-1deb7u1 CVE ID : CVE-2014-1695 CVE-2014-2553 CVE-2014-2554 CVE-2017-14635 Debian Bug : 876462 An attacker who is logged into OTRS, a Ticket Request System, as an agent with write permissions for statistics can inject arbitrary code into the system. This can lead t...
OTRS 3.x Cross Site Scripting
Exploit Title: Stored Cross-Site Scripting XSS in OTRS Date: 28.01.2014 Exploit Author: Adam Ziaja http://adamziaja.com Vendor Homepage: https://www.otrs.com Version: 3.1.x before 3.1.20, 3.2.x before 3.2.15, and 3.3.x before 3.3.5 CVE : CVE-2014-1695 !/usr/bin/perl -w use strict; use MIME::Lite;...
OTRS < 3.1.x & < 3.2.x & < 3.3.x - Stored Cross-Site Scripting (XSS) Vulnerability
Exploit for php platform in category web applications Exploit Title: Stored Cross-Site Scripting XSS in OTRS Date: 28.01.2014 Exploit Author: Adam Ziaja http://adamziaja.com Vendor Homepage: https://www.otrs.com Version: 3.1.x before 3.1.20, 3.2.x before 3.2.15, and 3.3.x before 3.3.5 CVE :...
OTRS 3.1.x 3.2.x 3.3.x - Persistent Cross-Site Scripting
OTRS 3.1.x 3.2.x 3.3.x - Persistent Cross-Site Scripting Exploit Title: Stored Cross-Site Scripting XSS in OTRS Date: 28.01.2014 Exploit Author: Adam Ziaja http://adamziaja.com Vendor Homepage: https://www.otrs.com Version: 3.1.x before 3.1.20, 3.2.x before 3.2.15, and 3.3.x before 3.3.5 CVE :...
OTRS < 3.1.x / < 3.2.x / < 3.3.x - Persistent Cross-Site Scripting
Exploit Title: Stored Cross-Site Scripting XSS in OTRS Date: 28.01.2014 Exploit Author: Adam Ziaja http://adamziaja.com Vendor Homepage: https://www.otrs.com Version: 3.1.x before 3.1.20, 3.2.x before 3.2.15, and 3.3.x before 3.3.5 CVE : CVE-2014-1695 !/usr/bin/perl -w use strict; use MIME::Lite;...
openSUSE Security Update : otrs (openSUSE-SU-2014:0360-1)
The OTRS ticket system was updated to 3.1.20 / 3.2.15 : On openSUSE 12.3 it was updated to 3.1.20: fix for OSA-2014-03, CVE-2014-1695 - Improved HTML filter. - 3.1.19 2014-01-28 - Fixed bug10158 - Missing quoting in State::StateGetStatesByType. - Fixed bug10099 - Missing challenge token checks on...
[ MDVSA-2014:054 ] otrs
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Mandriva Linux Security Advisory MDVSA-2014:054 http://www.mandriva.com/en/support/security/ Package : otrs Date : March 13, 2014 Affected: Business Server 1.0 Problem Description: Updated otrs package fixes security vulnerability: An attacker could...
Mandriva Linux Security Advisory : otrs (MDVSA-2014:054)
Updated otrs package fixes security vulnerability : An attacker could send a specially prepared HTML email to OTRS. If he can then trick an agent into following a special link to display this email, JavaScript code would be executed CVE-2014-1695. %NASLMINLEVEL 70300 C Tenable Network Security,...
OTRS Email HTML Injection Vulnerability (OSA-2014-03)
Open Ticket Request System OTRS is prone to a HTML injection vulnerability. SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...
Updated otrs package fixes security vulnerability
An attacker could send a specially prepared HTML email to OTRS. If he can then trick an agent into following a special link to display this email, JavaScript code would be executed CVE-2014-1695...
CVE-2014-1695
Cross-site scripting XSS vulnerability in Open Ticket Request System OTRS 3.1.x before 3.1.20, 3.2.x before 3.2.15, and 3.3.x before 3.3.5 allows remote attackers to inject arbitrary web script or HTML via a crafted HTML email...
CVE-2014-1695
Cross-site scripting XSS vulnerability in Open Ticket Request System OTRS 3.1.x before 3.1.20, 3.2.x before 3.2.15, and 3.3.x before 3.3.5 allows remote attackers to inject arbitrary web script or HTML via a crafted HTML email...
CVE-2014-1695
Cross-site scripting XSS vulnerability in Open Ticket Request System OTRS 3.1.x before 3.1.20, 3.2.x before 3.2.15, and 3.3.x before 3.3.5 allows remote attackers to inject arbitrary web script or HTML via a crafted HTML email...
CVE-2014-1695
CVE-2014-1695 affects OTRS Open Ticket Request System. Affected: OTRS 3.1.x before 3.1.20, 3.2.x before 3.2.15, and 3.3.x before 3.3.5. Root cause: cross-site scripting via a crafted HTML email allows remote attackers to inject arbitrary web script/HTML. Impact: potential for arbitrary script exe...
CVE-2014-1695
Cross-site scripting XSS vulnerability in Open Ticket Request System OTRS 3.1.x before 3.1.20, 3.2.x before 3.2.15, and 3.3.x before 3.3.5 allows remote attackers to inject arbitrary web script or HTML via a crafted HTML email...
CVE-2014-1695
Cross-site scripting XSS vulnerability in Open Ticket Request System OTRS 3.1.x before 3.1.20, 3.2.x before 3.2.15, and 3.3.x before 3.3.5 allows remote attackers to inject arbitrary web script or HTML via a crafted HTML email...
FreeBSD : otrs -- XSS Issue (70b72a52-9e54-11e3-babe-60a44c524f57)
The OTRS Project reports : An attacker could send a specially prepared HTML email to OTRS. If he can then trick an agent into following a special link to display this email, JavaScript code would be executed. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package...