2 matches found
Debian Security Advisory DSA 1298-1 (otrs2)
The remote host is missing an update to otrs2 announced via advisory DSA 1298-1. OpenVAS Vulnerability Test $Id: deb12981.nasl 6616 2017-07-07 12:10:49Z cfischer $ Description: Auto-generated from advisory DSA 1298-1 Authors: Thomas Reinke Copyright: Copyright c 2007 E-Soft Inc...
Debian DSA-1298-1 : otrs2 - missing input sanitising
It was discovered that the Open Ticket Request System performs insufficient input sanitising for the Subaction parameter, which allows the injection of arbitrary web script code. The oldstable distribution sarge doesn't include otrs2. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The...