otrs was updated to 6.0.30 (OSA-2020-14 boo#1178434)
- CVE-2020-11022, CVE-2020-11023: Vulnerability in third-party library -
  jquery OTRS uses jquery version 3.4.1, which is vulnerable to
  cross-site scripting (XSS).

Patch Instructions:

To install this openSUSE Security Update use the SUSE recommended installation methods
like YaST online_update or “zypper patch”.

Alternatively you can run the command listed for your product:

openSUSE Leap 15.2:

zypper in -t patch openSUSE-2020-1888=1
openSUSE Leap 15.1:

zypper in -t patch openSUSE-2020-1888=1
openSUSE Backports SLE-15-SP2:

zypper in -t patch openSUSE-2020-1888=1
openSUSE Backports SLE-15-SP1:

zypper in -t patch openSUSE-2020-1888=1

OSVersionArchitecturePackageVersionFilename
openSUSE Leap15.2noarch< - openSUSE Leap 15.2 (noarch):- openSUSE Leap 15.2 (noarch):.noarch.rpm
openSUSE Leap15.1noarch< - openSUSE Leap 15.1 (noarch):- openSUSE Leap 15.1 (noarch):.noarch.rpm
openSUSE Backports SLE15-SP2noarch- opensuse backports sle< 15-SP2 (noarch):- openSUSE Backports SLE-15-SP2 (noarch):.noarch.rpm
openSUSE Backports SLE15-SP1noarch- opensuse backports sle< 15-SP1 (noarch):- openSUSE Backports SLE-15-SP1 (noarch):.noarch.rpm

OS	Version	Architecture	Package	Version	Filename
openSUSE Leap	15.2	noarch		< - openSUSE Leap 15.2 (noarch):	- openSUSE Leap 15.2 (noarch):.noarch.rpm
openSUSE Leap	15.1	noarch		< - openSUSE Leap 15.1 (noarch):	- openSUSE Leap 15.1 (noarch):.noarch.rpm
openSUSE Backports SLE	15-SP2	noarch	- opensuse backports sle	< 15-SP2 (noarch):	- openSUSE Backports SLE-15-SP2 (noarch):.noarch.rpm
openSUSE Backports SLE	15-SP1	noarch	- opensuse backports sle	< 15-SP1 (noarch):	- openSUSE Backports SLE-15-SP1 (noarch):.noarch.rpm

ibm 38

attackerkb 2

osv 12

openvas 21

nessus 49

hp 2

githubexploit 3

fedora 6

atlassian 5

joomla 1

debian 2

oraclelinux 4

checkpoint_advisories 1

drupal 1

redhat 8

typo3 1

gentoo 1

altlinux 1

suse 2

github 4

freebsd 1

veracode 2

nodejs 1

packetstorm 2

cve 2

prion 2

amazon 1

zdt 2

redhatcve 2

ubuntucve 2

ics 1

cvelist 2

nvd 2

almalinux 2

debiancve 2

f5 2

alpinelinux 2

hackerone 1

rocky 1

exploitdb 2

adobe 1

ibm

Security Bulletin: Steps to update DataQuant Wrokstation ans DataQuant WebSphere plugins.

2020-10-07 21:15:08

Security Bulletin: IBM Aspera Webapps are vulnerable to cross-site scripting (CVE-2020-11022, CVE-2020-11023).

2021-09-17 18:19:25

Security Bulletin: IBM API Connect is impacted by vulnerabilities in Drupal (CVE-2020-11022 CVE-2020-11023)

2020-06-26 19:44:32

attackerkb

CVE-2020-11022

2020-04-29 00:00:00

CVE-2020-11023

2020-04-29 00:00:00

osv

jquery - security update

2021-03-25 00:00:00

drupal7 - security update

2020-05-26 00:00:00

Persistent Cross-site Scripting vulnerability in PrivateBin

2022-04-12 20:45:22

openvas

openSUSE: Security Advisory for otrs (openSUSE-SU-2020:1888-1)

2020-11-10 00:00:00

Debian: Security Advisory (DLA-2608-1)

2021-03-26 00:00:00

Discourse < 2.5.0.beta5 Multiple Vulnerabilities

2020-05-28 00:00:00

nessus

Nutanix AOS : Multiple Vulnerabilities (NXSA-AOS-5.19)

2022-09-01 00:00:00

JQuery 1.2 < 3.5.0 Multiple XSS

2020-05-28 00:00:00

Debian DLA-2608-1 : jquery security update

2021-03-26 00:00:00

Certain HP Printers and MFP products - Cross-Site Scripting (XSS)

2020-09-17 00:00:00

HPSBPI03688 rev. 1 - Certain HP Printer and MFP products - Cross-Site Scripting (XSS)

2020-09-17 00:00:00

githubexploit

Exploit for Cross-site Scripting in Jquery

2021-10-16 01:10:33

Exploit for Cross-site Scripting in Jquery

2020-11-02 20:55:10

Exploit for Cross-site Scripting in Jquery

2020-04-14 19:12:01

fedora

[SECURITY] Fedora 32 Update: drupal8-8.9.0-1.fc32

2020-06-16 01:32:24

[SECURITY] Fedora 33 Update: drupal7-7.72-1.fc33

2020-09-25 17:15:48

[SECURITY] Fedora 32 Update: cacti-1.2.13-1.fc32

2020-07-23 01:06:59

atlassian

Update jQuery to avoid CVE-2020-11022 and CVE-2020-11023

2021-02-02 09:59:24

Update jQuery to avoid CVE-2020-11022 and CVE-2020-11023

2021-02-02 09:59:24

jquery 2.2.4 XSS vulnerability

2022-08-24 14:53:45

joomla

[20200604] - Core - XSS in jQuery.htmlPrefilter

2020-04-10 00:00:00

debian

[SECURITY] [DLA 2608-1] jquery security update

2021-03-26 01:32:22

[SECURITY] [DSA 4693-1] drupal7 security update

2020-05-26 21:08:21

oraclelinux

jquery-ui security update

2022-03-01 00:00:00

bootstrap security update

2021-08-09 00:00:00

ipa security and bug fix update

2021-03-19 00:00:00

checkpoint_advisories

jQuery Cross Site Scripting (CVE-2020-11022; CVE-2020-11023)

2020-11-16 00:00:00

drupal

Drupal core - Moderately critical - Cross Site Scripting - SA-CORE-2020-002

2020-05-20 00:00:00

redhat

(RHSA-2020:4211) Moderate: Red Hat AMQ Interconnect 1.9.0 release and security update

2020-10-08 06:44:00

(RHSA-2020:3807) Moderate: Red Hat Virtualization security, bug fix, and enhancement update

2020-09-23 15:54:23

(RHSA-2021:1846) Moderate: idm:DL1 and idm:client security, bug fix, and enhancement update

2021-05-18 06:14:07

typo3

Cross-Site Scripting in extension "Kitodo.Presentation" (dlf)

2020-07-29 00:00:00

gentoo

Cacti: Multiple vulnerabilities

2020-07-26 00:00:00

altlinux

Security fix for the ALT Linux 9 package phpipam version 1.42.027-alt1

2020-10-21 00:00:00

suse

Security update for cacti, cacti-spine (moderate)

2020-07-25 00:00:00

Security update for cacti, cacti-spine (moderate)

2020-07-28 00:00:00

github

Persistent Cross-site Scripting vulnerability in PrivateBin

2022-04-12 20:45:22

Potential XSS vulnerability in jQuery

2020-04-29 22:19:14

Use of insecure jQuery version in OctoberCMS

2020-06-05 19:37:49

freebsd

Cacti -- multiple vulnerabilities

2020-07-15 00:00:00

veracode

Cross-Site Scripting (XSS)

2020-04-30 01:59:55

Cross-Site Scripting (XSS)

2020-04-30 02:21:22

nodejs

Cross-Site Scripting

2020-04-30 18:19:09

packetstorm

jQuery 1.2 Cross Site Scripting

2021-04-14 00:00:00

jQuery 1.0.3 Cross Site Scripting

2021-04-14 00:00:00

cve

CVE-2020-11022

2020-04-29 22:15:11

CVE-2020-11023

2020-04-29 21:15:11

prion

Code injection

2020-04-29 21:15:00

Code injection

2020-04-29 22:15:00

amazon

Medium: ipa

2021-04-20 17:55:00

zdt

jQuery 1.0.3 - Cross-Site Scripting Vulnerability

2021-04-14 00:00:00

jQuery 1.2 - Cross-Site Scripting Vulnerability

2021-04-14 00:00:00

redhatcve

CVE-2020-11022

2020-04-29 23:09:52

CVE-2020-11023

2021-06-20 07:11:02

ubuntucve

CVE-2020-11023

2020-04-29 00:00:00

CVE-2020-11022

2020-04-29 00:00:00

ics

Sensormatic Electronics VideoEdge

2021-11-02 12:00:00

cvelist

CVE-2020-11023 Potential XSS vulnerability in jQuery

2020-04-29 00:00:00

CVE-2020-11022 Potential XSS vulnerability in jQuery

2020-04-29 00:00:00

nvd

CVE-2020-11023

2020-04-29 21:15:11

CVE-2020-11022

2020-04-29 22:15:11

almalinux

Moderate: idm:DL1 and idm:client security, bug fix, and enhancement update

2021-05-18 06:14:07

Low: pcs security, bug fix, and enhancement update

2021-11-09 08:21:49

debiancve

CVE-2020-11022

2020-04-29 22:15:11

CVE-2020-11023

2020-04-29 21:15:11

K02453220 : jQuery vulnerability CVE-2020-11022

2020-08-03 00:00:00

K66544153 : jQuery vulnerability CVE-2020-11023

2020-08-03 00:00:00

alpinelinux

CVE-2020-11023

2020-04-29 21:15:11

CVE-2020-11022

2020-04-29 22:15:11

hackerone

Reddit: CVE-2020-11022

2022-12-20 17:19:58

rocky

idm:DL1 and idm:client security, bug fix, and enhancement update

2021-05-18 06:14:07

exploitdb

jQuery 1.2 - Cross-Site Scripting (XSS)

2021-04-14 00:00:00

jQuery 1.0.3 - Cross-Site Scripting (XSS)

2021-04-14 00:00:00

adobe

APSB19-38 Security update available for Adobe Experience Manager

2019-07-09 00:00:00

Solutions

Vulnerabilities intelligence
Perimeter control tool
Linux scanner
Windows scanner
Developers SDK
Security Intelligence feeds

Database

Vulnerabilities
Exploits
Security News
BugBounty
Wild Exploited
Top Vulnerabilities
CVE Feed

Resources

Statics & Sources
Plugins
API docs
FAQ
Blog
Glossary

Company

About
Contacts
Pricing
EULA
Privacy Policy
Submission Policy
OpenSource

@2024 Vulners Inc

0.061 Low

EPSS

Percentile

93.6%

JSON

Related for OPENSUSE-SU-2020:1888-1