FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

otrs -- XSS vulnerability

Affected packages
otrs < 3.1.8

Details

VuXML ID 661bd031-c37d-11e2-addb-60a44c524f57
Discovery 2013-04-02
Entry 2013-05-23

The OTRS Project reports:

An attacker with permission to write changes, workorder items or FAQ articles could inject JavaScript code into the articles which would be executed by the browser of other users reading the article.

[source]

References

CVE Name CVE-2013-2637
URL http://www.otrs.com/en/open-source/community-news/security-advisories/security-advisory-2013-02/

Copyright © 2003-2005 Jacques Vidrine and contributors.
Please see the source of this document for full copyright information.