← volver
CVE-2021-36094

XSS attack in appointment edit popup screen

CVSS 5.7 MEDIUMEPSS 0.6%CWE-79
It's possible to craft a request for appointment edit screen, which could lead to the XSS attack. This issue affects: OTRS AG ((OTRS)) Community Edition 6.0.x version 6.0.1 and later versions. OTRS AG OTRS 7.0.x version 7.0.28 and prior versions.
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:H/A:N
Productos afectados
OTRS AG · OTRSOTRS AG · ((OTRS)) Community Edition

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →
Referencias
https://otrs.com/release-notes/otrs-security-advisory-2021-17/