CVE-2024-43443

Improper Neutralization of Input done by an attacker with admin privileges ('Cross-site Scripting') in Process Management modules of OTRS and ((OTRS)) Community Edition allows Cross-Site Scripting (XSS) within the Process Management targeting other admins. This issue affects: * OTRS from 7.0.X through 7.0.50 * OTRS 8.0.X * OTRS 2023.X * OTRS from 2024.X through 2024.5.X * ((OTRS)) Community Edition: 6.0.x Products based on the ((OTRS)) Community Edition also very likely to be affected
Configurations

No configuration.

History

26 Aug 2024, 09:15

Type Values Removed Values Added
New CVE

Information

Published : 2024-08-26 09:15

Updated : 2024-08-26 12:47


NVD link : CVE-2024-43443

Mitre link : CVE-2024-43443

CVE.ORG link : CVE-2024-43443


JSON object : View

Products Affected

No product.

CWE
CWE-790

Improper Filtering of Special Elements