First published: Mon Aug 09 2021(Updated: )
Credit: cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
Otrs Otrs | >=3.0.0<=3.0.21 | |
Otrs Otrs | >=3.1.0<=3.1.17 | |
Otrs Otrs | >=3.2.0<=3.2.8 | |
Otrs Otrs Itsm | >=3.0.0<=3.0.8 | |
Otrs Otrs Itsm | >=3.1.0<=3.1.9 | |
Otrs Otrs Itsm | >=3.2.0<=3.2.6 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2013-4718 is a cross-site scripting (XSS) vulnerability in Open Ticket Request System (OTRS) ITSM that allows remote authenticated users to inject arbitrary web script or HTML via an ITSM ConfigItem search.
CVE-2013-4718 allows remote authenticated users to inject malicious scripts or HTML code through an ITSM ConfigItem search, potentially leading to unauthorized access, data theft, or other attacks.
CVE-2013-4718 affects OTRS ITSM versions 3.0.x before 3.0.9, 3.1.x before 3.1.10, and 3.2.x before 3.2.7.
To fix CVE-2013-4718, it is recommended to update OTRS ITSM to version 3.0.9 or later for 3.0.x, version 3.1.10 or later for 3.1.x, and version 3.2.7 or later for 3.2.x.
More information about CVE-2013-4718 can be found at the following link: [https://web.archive.org/web/20130817120539/http://www.otrs.com/de/open-source/community-news/security-advisories/security-advisory-2013-05/](https://web.archive.org/web/20130817120539/http://www.otrs.com/de/open-source/community-news/security-advisories/security-advisory-2013-05/)