CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
EPSS
Percentile
76.3%
OTRS Security Advisory reports:
This advisory covers vulnerabilities discovered in the OTRS core
system. This is a variance of the XSS vulnerability, where an attacker could
send a specially prepared HTML email to OTRS which would cause JavaScript code
to be executed in your browser while displaying the email. In this case this is
achieved by using javascript source attributes with whitespaces.