Lucene search
K

28 matches found

EUVD
EUVD
added 2025/10/07 12:30 a.m.9 views

EUVD-2013-2576

Malware in sbrugna...

6.1CVSS6.1AI score0.04305EPSS
Exploits6References7
SUSE CVE
SUSE CVE
added 2023/02/15 5:38 a.m.4 views

SUSE CVE-2013-2625

An Access Bypass issue exists in OTRS Help Desk before 3.2.4, 3.1.14, and 3.0.19, OTRS ITSM before 3.2.3, 3.1.8, and 3.0.7, and FAQ before 2.2.3, 2.1.4, and 2.0.8. Access rights by the object linking mechanism is not verified...

6.5CVSS7AI score0.01291EPSS
Exploits0References2
Cvelist
Cvelist
added 2021/08/09 6:3 p.m.26 views

CVE-2013-4718

Cross-site scripting XSS vulnerability in Open Ticket Request System OTRS ITSM 3.0.x before 3.0.9, 3.1.x before 3.1.10, and 3.2.x before 3.2.7 allows remote authenticated users to inject arbitrary web script or HTML via an ITSM ConfigItem search...

5.7AI score0.00668EPSS
Exploits0References1
CVE
CVE
added 2021/08/09 6:3 p.m.64 views

CVE-2013-4718

CVE-2013-4718 describes a cross-site scripting (XSS) vulnerability in the Open Ticket Request System (OTRS) ITSM components. Affected are OTRS ITSM 3.0.x before 3.0.9, 3.1.x before 3.1.10, and 3.2.x before 3.2.7. The issue allows remote authenticated users to inject arbitrary web script or HTML t...

5.4CVSS6AI score0.00668EPSS
Exploits0References1Affected Software2
CNVD
CNVD
added 2021/02/23 12:0 a.m.5 views

OTRS ITSM Information Disclosure Vulnerability

OTRS ITSM is a suite of foundational solutions for IT service management organizations from OTRS Germany. The solution is based on ITIL best practices and provides management tools for request and fault management, problem management, change management and release management. OTRS AG An informati...

6.5CVSS6.4AI score0.01273EPSS
Exploits0References1
Prion
Prion
added 2020/02/21 4:15 p.m.21 views

Design/Logic Flaw

Kernel/Modules/AgentTicketPhone.pm in Open Ticket Request System OTRS 3.0.x before 3.0.20, 3.1.x before 3.1.16, and 3.2.x before 3.2.7, and OTRS ITSM 3.0.x before 3.0.8, 3.1.x before 3.1.9, and 3.2.x before 3.2.5 does not properly restrict tickets, which allows remote attackers with a valid agent...

4CVSS6.8AI score0.01577EPSS
Exploits0References2Affected Software2
NVD
NVD
added 2020/02/12 5:15 p.m.31 views

CVE-2013-2637

A Cross-Site Scripting XSS Vulnerability exists in OTRS ITSM prior to 3.2.4, 3.1.8, and 3.0.7 and FAQ prior to 2.1.4 and 2.0.8 via changes, workorder items, and FAQ articles, which could let a remote malicious user execute arbitrary code...

6.1CVSS6AI score0.04305EPSS
Exploits6References4
Prion
Prion
added 2020/02/12 5:15 p.m.19 views

Cross site scripting

A Cross-Site Scripting XSS Vulnerability exists in OTRS ITSM prior to 3.2.4, 3.1.8, and 3.0.7 and FAQ prior to 2.1.4 and 2.0.8 via changes, workorder items, and FAQ articles, which could let a remote malicious user execute arbitrary code...

4.3CVSS6.4AI score0.04305EPSS
Exploits6References4Affected Software3
CVE
CVE
added 2020/02/12 4:7 p.m.73 views

CVE-2013-2637

CVE-2013-2637 describes a cross-site scripting (XSS) vulnerability in OTRS ITSM. The NVD/NVD-related entries state that an attacker could exploit an XSS via changes, workorder items, and FAQ articles, enabling a remote attacker to execute arbitrary code in affected systems. The vulnerability affe...

6.1CVSS5.9AI score0.04305EPSS
Exploits6References4Affected Software2
Cvelist
Cvelist
added 2020/02/12 4:7 p.m.40 views

CVE-2013-2637

A Cross-Site Scripting XSS Vulnerability exists in OTRS ITSM prior to 3.2.4, 3.1.8, and 3.0.7 and FAQ prior to 2.1.4 and 2.0.8 via changes, workorder items, and FAQ articles, which could let a remote malicious user execute arbitrary code...

6AI score0.04305EPSS
Exploits6References4
NVD
NVD
added 2019/11/27 7:15 p.m.21 views

CVE-2013-2625

An Access Bypass issue exists in OTRS Help Desk before 3.2.4, 3.1.14, and 3.0.19, OTRS ITSM before 3.2.3, 3.1.8, and 3.0.7, and FAQ before 2.2.3, 2.1.4, and 2.0.8. Access rights by the object linking mechanism is not verified...

6.5CVSS6.7AI score0.01291EPSS
Exploits0References5
OSV
OSV
added 2019/11/27 7:15 p.m.9 views

CVE-2013-2625

An Access Bypass issue exists in OTRS Help Desk before 3.2.4, 3.1.14, and 3.0.19, OTRS ITSM before 3.2.3, 3.1.8, and 3.0.7, and FAQ before 2.2.3, 2.1.4, and 2.0.8. Access rights by the object linking mechanism is not verified...

6.5CVSS6.6AI score0.01291EPSS
Exploits0References6
Cvelist
Cvelist
added 2019/11/27 6:8 p.m.26 views

CVE-2013-2625

An Access Bypass issue exists in OTRS Help Desk before 3.2.4, 3.1.14, and 3.0.19, OTRS ITSM before 3.2.3, 3.1.8, and 3.0.7, and FAQ before 2.2.3, 2.1.4, and 2.0.8. Access rights by the object linking mechanism is not verified...

6.6AI score0.01291EPSS
Exploits0References5
CVE
CVE
added 2019/11/27 6:8 p.m.80 views

CVE-2013-2625

CVE-2013-2625 is an Access Bypass in OTRS where access rights by the object linking mechanism were not verified. Affected products/versions include OTRS Help Desk prior to 3.2.4, 3.1.14, 3.0.19 and OTRS ITSM prior to 3.2.3, 3.1.8, 3.0.7, as well as related FAQ versions. The issue is network-explo...

6.5CVSS6.5AI score0.01291EPSS
Exploits0References5Affected Software3
Tenable Nessus
Tenable Nessus
added 2016/11/18 12:0 a.m.43 views

openSUSE Security Update : otrs (openSUSE-2016-1316)

This update for otrs fixes the following security issues : - CVE-2016-9139: execution of JavaScript in OTRS context by opening malicious attachment OSA-2016-02, bsc1008017 In addition, OTRS was updated to 3.3.16, containing all upstream improvements and bug fixes. %NASLMINLEVEL 70300 C Tenable...

6.1CVSS6.3AI score0.00816EPSS
Exploits0References2
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.41 views

OTRS FAQ Module - Persistent XSS

No description provided by source. Exploit Title: OTRS Faq Module - Persistent XSS Date: 2-Apr-2013 Exploit Author: Luigi Vezzoso Vendor Homepage: http://www.otrs.com Version: OTRS ITSM 3.2.x,OTRS ITSM 3.1.x,OTRS ITSM 3.0.x Tested on: Perl CVE : CVE-2013-2637 OVERVIEW The OTRS ITSM FAQ Module 3.2...

6.9AI score0.04305EPSS
Exploits6
Tenable Nessus
Tenable Nessus
added 2014/06/13 12:0 a.m.38 views

openSUSE Security Update : otrs (openSUSE-SU-2014:0561-1)

This otrs update fixes the following security and non security issues : - bnc871758: Fixed OSA-2014-04 CVE-2014-2553 and OSA-2014-05 CVE-2014-2554. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from openSUSE Security...

4.3CVSS7AI score0.01466EPSS
Exploits2References4
Tenable Nessus
Tenable Nessus
added 2014/06/13 12:0 a.m.30 views

openSUSE Security Update : otrs (openSUSE-SU-2011:0464-1)

This updated fixes a cross site scripting XSS issue in otrs. CVE-2011-1518 Upstream advisory: http://otrs.org/advisory/OSA-2011-01-en/ %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from openSUSE Security Update otrs-4509...

4.3CVSS5.9AI score0.02265EPSS
Exploits0References4
OpenVAS
OpenVAS
added 2013/09/27 12:0 a.m.50 views

OTRS ITSM XSS Vulnerability (OSA-2013-02)

OTRS ITSM is prone to a cross-site scripting XSS vulnerability. SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:otrs:otrsitsm"; i...

6.1CVSS5.9AI score0.04305EPSS
Exploits6References3
OpenVAS
OpenVAS
added 2013/09/27 12:0 a.m.49 views

OTRS ITSM Multiple Input Validation Vulnerability (OSA-2013-05)

Open Ticket Request System OTRS and OTRS:ITSM are prone to multiple input validation vulnerability. SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier:...

8.8CVSS7.1AI score0.01322EPSS
Exploits0References4
Rows per page
Query Builder