CVE-2018-19141

Open Ticket Request System (OTRS) 4.0.x before 4.0.33 and 5.0.x before 5.0.31 allows an admin to conduct an XSS attack via a modified URL because user and customer preferences are mishandled.
Configurations

Configuration 1

cpe:2.3:a:otrs:open_ticket_request_system:*:*:*:*:*:*:*:*
cpe:2.3:a:otrs:open_ticket_request_system:*:*:*:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*

Information

Published : 2018-11-11 05:29

Updated : 2018-12-12 06:59


NVD link : CVE-2018-19141

Mitre link : CVE-2018-19141

Products Affected
CWE