CVE-2012-4600
N/A
N/A
Summary
Cross-site scripting (XSS) vulnerability in Open Ticket Request System (OTRS) Help Desk 2.4.x before 2.4.14, 3.0.x before 3.0.16, and 3.1.x before 3.1.10, when Firefox or Opera is used, allows remote attackers to inject arbitrary web script or HTML via an e-mail message body with nested HTML tags.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| n/a | n/a | n/a | affected |
Weaknesses
- n/a
ADP Enrichment
CVE Program Container
Additional References
- http://znuny.com/en/#%21/advisory/ZSA-2012-02
- http://secunia.com/advisories/50615
- http://www.otrs.com/de/open-source/community-news/security-advisories/security-advisory-2012-02/
- http://www.kb.cert.org/vuls/id/511404
References
- http://znuny.com/en/#%21/advisory/ZSA-2012-02
- http://secunia.com/advisories/50615
- http://www.otrs.com/de/open-source/community-news/security-advisories/security-advisory-2012-02/
- http://www.kb.cert.org/vuls/id/511404
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.