Survey administrator can craft a survey in such way that malicious code can be executed in the agent interface (i.e. another agent who wants to make changes in the survey). This issue affects: OTRS AG Survey 6.0.x version 6.0.20 and prior versions; 7.0.x version 7.0.19 and prior versions.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: OTRS
Published: 2021-02-08T10:55:19.064437Z
Updated: 2024-09-17T03:54:55.677Z
Reserved: 2020-12-29T00:00:00
Link: CVE-2021-21434
Vulnrichment
No data.
NVD
Status : Modified
Published: 2021-02-08T11:15:14.080
Modified: 2024-11-21T05:48:21.277
Link: CVE-2021-21434
Redhat
No data.