This host is running Open Ticket Request System (OTRS) and is prone to Cross-site scripting vulnerability.
Successful exploitation will allow attackers to insert arbitrary HTML and script code, which will be executed in a user's browser session in the context of an affected site when malicious data is being viewed. Impact Level: Application
Upgrade to Open Ticket Request System (OTRS) version 2.4.9 or later For updates refer to http://otrs.org/download/
The flaw is due to input passed via HTML e-mails is not properly sanitised in AgentTicketZoom before being displayed to the user.
Open Ticket Request System (OTRS) version 2.4.x before 2.4.9.
Get the installed version of OTRS with the help of detect NVT and check the version is vulnerable or not.
- Apache Tomcat mod_jk Information Disclosure Vulnerability
- Firefox Information Disclosure Vulnerability Jan09 (Win)
- Nakid CMS 'CKEditorFuncNum' Parameter Cross Site Scripting Vulnerability
- phpWebSite 'local' Parameter Cross Site Scripting Vulnerability
- Mantis 'manage_proj_cat_add.php' HTML Injection Vulnerability