Your submission was sent successfully! Close

CVE-2005-3894

Published: 29 November 2005

Multiple cross-site scripting (XSS) vulnerabilities in index.pl in Open Ticket Request System (OTRS) 1.0.0 through 1.3.2 and 2.0.0 through 2.0.3 allow remote authenticated users to inject arbitrary web script or HTML via (1) hex-encoded values in the QueueID parameter and (2) Action parameters.

Priority

Unknown

Status

Package Release Status
otrs
Launchpad, Ubuntu, Debian
Upstream Needs triage