Lucene search
Ubuntu.comUB:CVE-2020-1771HistoryMar 27, 2020 - 12:00 a.m.
CVE-2020-1771
2020-03-2700:00:00
ubuntu.com
ubuntu.com
4
0.001 Low
EPSS
Percentile
40.2%
Attacker is able craft an article with a link to the customer address book
with malicious content (JavaScript). When agent opens the link, JavaScript
code is executed due to the missing parameter encoding. This issue affects:
((OTRS)) Community Edition: 6.0.26 and prior versions. OTRS: 7.0.15 and
prior versions.
Notes
| Author | Note |
|---|---|
| sbeattie | probably does not affect otrs v5 |
Related
osv
osv
CVE-2020-1771
2020-03-27 13:15:15
otrs2 - security update
2023-08-31 00:00:00
cve
cve
CVE-2020-1771
2020-03-27 13:15:00
cvelist
cvelist
CVE-2020-1771 Possible XSS in Customer user address book
2020-03-27 00:00:00
debiancve
debiancve
CVE-2020-1771
2020-03-27 13:15:00
prion
prion
Code injection
2020-03-27 13:15:00
openvas
openvas
OTRS 5.0.x < 5.0.42, 6.0.x < 6.0.27, 7.0.x < 7.0.16 Multiple Vulnerabilities
2020-03-30 00:00:00
openSUSE: Security Advisory for Recommended (openSUSE-SU-2020:0551-1)
2020-04-26 00:00:00
openSUSE: Security Advisory for Recommended (openSUSE-SU-2020:1475-1)
2020-09-21 00:00:00
nessus
nessus
openSUSE Security Update : otrs (openSUSE-2020-1475)
2020-09-23 00:00:00
openSUSE Security Update : otrs (openSUSE-2020-551)
2020-04-28 00:00:00
Debian DLA-3551-1 : otrs2 - LTS security update
2023-09-06 00:00:00
suse
suse
Recommended update for otrs (moderate)
2020-04-25 00:00:00
Recommended update for otrs (moderate)
2020-09-20 00:00:00
Recommended update for otrs (moderate)
2020-09-23 00:00:00
debian
debian
[SECURITY] [DLA 3551-1] otrs2 security update
2023-08-31 00:20:56