Multiple cross-site scripting (XSS) vulnerabilities in index.pl in Open Ticket Request System (OTRS) 1.0.0 through 1.3.2 and 2.0.0 through 2.0.3 allow remote authenticated users to inject arbitrary web script or HTML via (1) hex-encoded values in the QueueID parameter and (2) Action parameters.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: mitre
Published: 2005-11-29T21:00:00
Updated: 2024-08-07T23:24:36.647Z
Reserved: 2005-11-29T00:00:00
Link: CVE-2005-3894
Vulnrichment
No data.
NVD
Status : Modified
Published: 2005-11-29T21:03:00.000
Modified: 2024-11-21T00:02:59.907
Link: CVE-2005-3894
Redhat
No data.