0.043 Low
EPSS
Percentile
92.3%
Cross-site scripting (XSS) vulnerability in Open Ticket Request System (OTRS) 3.1.x before 3.1.20, 3.2.x before 3.2.15, and 3.3.x before 3.3.5 allows remote attackers to inject arbitrary web script or HTML via a crafted HTML email.
secunia.com/advisories/57018
launchpad.net/bugs/cve/CVE-2014-1695
nvd.nist.gov/vuln/detail/CVE-2014-1695
security-tracker.debian.org/tracker/CVE-2014-1695
www.cve.org/CVERecord?id=CVE-2014-1695
www.otrs.com/security-advisory-2014-03-xss-issue