CVE-2022-39049

Summary

An attacker who is logged into OTRS as an admin user may manipulate the URL to cause execution of JavaScript in the context of OTRS.

Affected Software

VendorProductVersion RangeStatus
OTRS AGOTRS7.0.x <= 7.0.36affected
OTRS AGOTRS8.0.x <= 8.0.24affected
OTRS AG((OTRS)) Community Edition6.0.1 < 6.0.x*affected

Weaknesses

  • CWE-79: CWE-79 Cross-site Scripting (XSS)

ADP Enrichment

CVE Program Container

Additional References

References