Lucene search

K

PRIOn knowledge basePRION:CVE-2020-1766

HistoryJan 10, 2020 - 3:15 p.m.

Input validation

2020-01-1015:15:00

PRIOn knowledge base

www.prio-n.com

8

EPSS

0.012

Percentile

85.5%

Due to improper handling of uploaded images it is possible in very unlikely and rare conditions to force the agents browser to execute malicious javascript from a special crafted SVG file rendered as inline jpg file. This issue affects: ((OTRS)) Community Edition 5.0.x version 5.0.39 and prior versions; 6.0.x version 6.0.24 and prior versions. OTRS 7.0.x version 7.0.13 and prior versions.

References

lists.opensuse.org/opensuse-security-announce/2020-04/msg00038.html

lists.opensuse.org/opensuse-security-announce/2020-09/msg00066.html

lists.opensuse.org/opensuse-security-announce/2020-09/msg00077.html

lists.debian.org/debian-lts-announce/2020/01/msg00027.html

lists.debian.org/debian-lts-announce/2023/08/msg00040.html

otrs.com/release-notes/otrs-security-advisory-2020-02/

EPSS

0.012

Percentile

85.5%

Related for PRION:CVE-2020-1766

nvd1 cvelist1 osv3 debiancve1 ubuntucve1 cve1 openvas5 nessus4 debian2 suse3