CVE-2024-43442 Information

Aug 27, 2024 cve

Description

Improper Neutralization of Input done by an attacker with admin privileges (‘Cross-site Scripting’) in OTRS (System Configuration modules) and ((OTRS)) Community Edition allows Cross-Site Scripting (XSS) within the System Configuration targeting other admins. This issue affects:

OTRS from 7.0.X through 7.0.50
OTRS 8.0.X
OTRS 2023.X
OTRS from 2024.X through 2024.5.X
((OTRS)) Community Edition: 6.0.x

Products based on the ((OTRS)) Community Edition also very likely to be affected

Reference

https://otrs.com/release-notes/otrs-security-advisory-2024-10/

Share on: