CVE-2007-2524
CVE-2007-2524 describes a cross-site scripting (XSS) vulnerability in the Open Ticket Request System (OTRS) 2.0.x. The flaw occurs in the index.pl script via the Subaction parameter in an AgentTicketMailbox Action, enabling an attacker to inject arbitrary web script or HTML. The connected OSS/NSS...