FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

otrs -- XSS vulnerability in Internet Explorer

Affected packages
otrs < 3.1.9

Details

VuXML ID 49a6026a-52a3-11e2-a289-1c4bd681f0cf
Discovery 2012-08-22
Entry 2012-12-30

OTRS Security Advisory reports:

This advisory covers vulnerabilities discovered in the OTRS core system. Due to the XSS vulnerability in Internet Explorer an attacker could send a specially prepared HTML email to OTRS which would cause JavaScript code to be executed in your Internet Explorer while displaying the email.

References

CVE Name CVE-2012-2582
URL http://www.otrs.com/open-source/community-news/security-advisories/security-advisory-2012-01/