7 matches found
Linux Distros Unpatched Vulnerability : CVE-2018-19141
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Open Ticket Request System OTRS 4.0.x before 4.0.33 and 5.0.x before 5.0.31 allows an admin to conduct an XSS attack via a modified URL because user and custome...
openSUSE Security Update : otrs (openSUSE-2019-973)
This update for otrs fixes the following issues : Update to version 4.0.33. Security issues fixed : - CVE-2018-19141: Fixed privilege escalation, that an attacker who is logged into OTRS as an admin user cannot manipulate the URL to cause execution of JavaScript in the context of OTRS. -...
openSUSE: Security Advisory for otrs (openSUSE-SU-2018:4046-1)
The remote host is missing an update for the Copyright C 2018 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
Debian DLA-1592-1 : otrs2 security update
Two security vulnerabilities were discovered in OTRS, a Ticket Request System, that may lead to privilege escalation or arbitrary file write. CVE-2018-19141 An attacker who is logged into OTRS as an admin user may manipulate the URL to cause execution of JavaScript in the context of OTRS...
Debian: Security Advisory (DLA-1592-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
[SECURITY] [DLA 1592-1] otrs2 security update
Package : otrs2 Version : 3.3.18-1+deb8u7 CVE ID : CVE-2018-19141 CVE-2018-19143 Two security vulnerabilities were discovered in OTRS, a Ticket Request System, that may lead to privilege escalation or arbitrary file write. CVE-2018-19141 An attacker who is logged into OTRS as an admin user may...
CVE-2018-19141
CVE-2018-19141 affects Open Ticket Request System (OTRS). The vulnerability is an XSS allowing an admin to manipulate a modified URL due to mishandled user and customer preferences, with impact limited to Contextual JavaScript execution in OTRS. Affected branches are OTRS 4.0.x before 4.0.33 and ...