Improper Neutralization of Input done by an attacker with admin privileges ('Cross-site Scripting') in Process Management modules of OTRS and ((OTRS)) Community Edition allows Cross-Site Scripting (XSS) within the Process Management targeting other admins.
This issue affects:
* OTRS from 7.0.X through 7.0.50
* OTRS 8.0.X
* OTRS 2023.X
* OTRS from 2024.X through 2024.5.X
* ((OTRS)) Community Edition: 6.0.x
Products based on the ((OTRS)) Community Edition also very likely to be affected
References
Configurations
No configuration.
History
26 Aug 2024, 09:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2024-08-26 09:15
Updated : 2024-08-26 12:47
NVD link : CVE-2024-43443
Mitre link : CVE-2024-43443
CVE.ORG link : CVE-2024-43443
JSON object : View
Products Affected
No product.
CWE
CWE-790
Improper Filtering of Special Elements