Lucene search
K

5 matches found

Prion
Prion
added 2017/05/29 7:29 p.m.16 views

Design/Logic Flaw

Open Ticket Request System OTRS 3.3.9 has XSS in index.pl?Action=AgentStats requests, as demonstrated by OrderBy=XSS and Direction=XSS attacks. NOTE: this CVE may have limited relevance because it represents a 2017 discovery of an issue in software from 2014. The 3.3.20 release, for example, is n...

4.3CVSS6.3AI score0.00773EPSS
Exploits1References1Affected Software1
UbuntuCve
UbuntuCve
added 2017/05/29 7:29 p.m.23 views

CVE-2017-9299

Open Ticket Request System OTRS 3.3.9 has XSS in index.pl?Action=AgentStats requests, as demonstrated by OrderBy=XSS and Direction=XSS attacks. NOTE: this CVE may have limited relevance because it represents a 2017 discovery of an issue in software from 2014. The 3.3.20 release, for example, is n...

6.1CVSS6.3AI score0.00773EPSS
Exploits1References2
NVD
NVD
added 2017/05/29 7:29 p.m.16 views

CVE-2017-9299

Open Ticket Request System OTRS 3.3.9 has XSS in index.pl?Action=AgentStats requests, as demonstrated by OrderBy=XSS and Direction=XSS attacks. NOTE: this CVE may have limited relevance because it represents a 2017 discovery of an issue in software from 2014. The 3.3.20 release, for example, is n...

6.1CVSS6.1AI score0.00773EPSS
Exploits1References1
Cvelist
Cvelist
added 2017/05/29 7:0 p.m.24 views

CVE-2017-9299

Open Ticket Request System OTRS 3.3.9 has XSS in index.pl?Action=AgentStats requests, as demonstrated by OrderBy=XSS and Direction=XSS attacks. NOTE: this CVE may have limited relevance because it represents a 2017 discovery of an issue in software from 2014. The 3.3.20 release, for example, is n...

6.2AI score0.00773EPSS
Exploits1References1
CVE
CVE
added 2017/05/29 7:0 p.m.42 views

CVE-2017-9299

CVE-2017-9299 concerns Open Ticket Request System (OTRS) 3.3.9 with a cross-site scripting vulnerability in the web interface. The vulnerable vector is the index.pl?Action=AgentStats requests, exploitable via crafted OrderBy and Direction parameters to inject script or HTML. The vulnerability is ...

6.1CVSS6AI score0.00773EPSS
Exploits1References1Affected Software1
Rows per page
Query Builder