CVE-2014-2554

CVE-2014-2554

EPSS 1.5%

OTRS 3.1.x before 3.1.21, 3.2.x before 3.2.16, and 3.3.x before 3.3.6 allows remote attackers to conduct clickjacking attacks via an IFRAME element.

Produtos afetados

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →

Referências

http://lists.opensuse.org/opensuse-updates/2014-04/msg00062.html http://www.otrs.com/security-advisory-2014-05-clickjacking-issue/