Lucene search
GoogleOSV:CVE-2019-9752HistoryMar 13, 2019 - 10:29 p.m.
CVE-2019-9752
2019-03-1322:29:00
Google
osv.dev
11
An issue was discovered in Open Ticket Request System (OTRS) 5.x before 5.0.34, 6.x before 6.0.16, and 7.x before 7.0.4. An attacker who is logged into OTRS as an agent or a customer user may upload a carefully crafted resource in order to cause execution of JavaScript in the context of OTRS. This is related to Content-type mishandling in Kernel/Modules/PictureUpload.pm.
References
lists.opensuse.org/opensuse-security-announce/2020-04/msg00038.html
lists.opensuse.org/opensuse-security-announce/2020-09/msg00066.html
lists.opensuse.org/opensuse-security-announce/2020-09/msg00077.html
community.otrs.com/security-advisory-2019-01-security-update-for-otrs-framework
lists.debian.org/debian-lts-announce/2019/03/msg00023.html
Related
ubuntucve
ubuntucve
CVE-2019-9752
2019-03-13 00:00:00
cve
cve
CVE-2019-9752
2019-03-13 22:29:00
nvd
nvd
CVE-2019-9752
2019-03-13 22:29:00
osv
osv
otrs2 - security update
2019-03-19 00:00:00
prion
prion
Design/Logic Flaw
2019-03-13 22:29:00
nessus
nessus
Debian DLA-1721-1 : otrs2 security update
2019-03-20 00:00:00
openSUSE Security Update : otrs (openSUSE-2020-551)
2020-04-28 00:00:00
openSUSE Security Update : otrs (openSUSE-2020-1475)
2020-09-23 00:00:00
openvas
openvas
Debian: Security Advisory (DLA-1721-1)
2019-03-18 00:00:00
OTRS 7.0.x <= 7.0.3, 6.0.x <= 6.0.15 and 5.0.x <= 5.0.33 RCE Vulnerability
2019-03-18 00:00:00
openSUSE: Security Advisory for Recommended (openSUSE-SU-2020:0551-1)
2020-04-26 00:00:00
debiancve
debiancve
CVE-2019-9752
2019-03-13 22:29:00
debian
debian
[SECURITY] [DLA 1721-1] otrs2 security update
2019-03-19 07:48:45
cvelist
cvelist
CVE-2019-9752
2019-03-13 22:00:00
suse
suse
Recommended update for otrs (moderate)
2020-09-20 00:00:00
Recommended update for otrs (moderate)
2020-04-25 00:00:00
Recommended update for otrs (moderate)
2020-09-23 00:00:00