Search Results (Refine Search)
- Results Type: Overview
- Keyword (text search): cpe:2.3:a:opensuse:backports_sle:15.0:sp2:*:*:*:*:*:*
- CPE Name Search: true
Vuln ID | Summary | CVSS Severity |
---|---|---|
CVE-2019-9752 |
An issue was discovered in Open Ticket Request System (OTRS) 5.x before 5.0.34, 6.x before 6.0.16, and 7.x before 7.0.4. An attacker who is logged into OTRS as an agent or a customer user may upload a carefully crafted resource in order to cause execution of JavaScript in the context of OTRS. This is related to Content-type mishandling in Kernel/Modules/PictureUpload.pm. Published: March 13, 2019; 6:29:00 PM -0400 |
V3.1: 5.4 MEDIUM V2.0: 3.5 LOW |