4 matches found
Linux Distros Unpatched Vulnerability : CVE-2018-11563
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in Open Ticket Request System OTRS 6.0.x through 6.0.7. A carefully constructed email could be used to inject and execute arbitrary...
Debian: Security Advisory (DLA-1877-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
[SECURITY] [DLA 1877-1] otrs2 security update
Package : otrs2 Version : 3.3.18-1+deb8u11 CVE ID : CVE-2018-11563 CVE-2019-12746 CVE-2019-13458 Several security issues have been fixed in otrs2, a well known trouble ticket system. CVE-2018-11563 An attacker who is logged into OTRS as a customer can use the ticket overview screen to disclose...
CVE-2018-11563
OTRS 6.0.x–6.0.7 contains a vulnerability where a crafted email can inject and execute arbitrary stylesheet or JavaScript in a logged-in customer’s browser within the OTRS customer panel. The issue is a client-side impact (UI/script execution) driven by user-supplied content (email) processed by ...