Otrs: >> Otrs Itsm >> 2.1.5 Security Vulnerabilities
Specially crafted string in OTRS system configuration can allow the execution of any system command.
CVSS Score
6.4
EPSS Score
0.009
Published
2022-03-21
A Cross-Site Scripting (XSS) Vulnerability exists in OTRS ITSM prior to 3.2.4, 3.1.8, and 3.0.7 and FAQ prior to 2.1.4 and 2.0.8 via changes, workorder items, and FAQ articles, which could let a remote malicious user execute arbitrary code.
CVSS Score
6.1
EPSS Score
0.012
Published
2020-02-12