CVE-2018-17883 — Vulnetix

CVE-2018-17883 PUBLISHED

An issue was discovered in Open Ticket Request System (OTRS) 6.0.x before 6.0.12. An attacker could send an e-mail message with a malicious link to an OTRS system or an agent. If a logged-in agent opens this link, it could cause the execution of JavaScript in the context of OTRS.

EPSS 0.84% · 75.1th percentile

Risk Scores

EPSS Score

0.84%

75.1th percentile

Affected Products

Vendor	Product	Versions
Ubuntu:18.04:LTS	otrs2	5.0.23-1, 5.0.24-1, 6.0.3-1

Exploit Intelligence

Timeline

Apr 15, 2023 CVE Published
Apr 16, 2023 EPSS Score
May 24, 2023 EPSS Score
Jun 30, 2023 EPSS Score
Aug 7, 2023 EPSS Score
Sep 13, 2023 EPSS Score
Oct 21, 2023 EPSS Score
Nov 28, 2023 EPSS Score
Jan 4, 2024 EPSS Score
Feb 11, 2024 EPSS Score
Mar 20, 2024 EPSS Score
Apr 26, 2024 EPSS Score

References

https://ubuntu.com/security/CVE-2018-17883 third-party-advisory
https://community.otrs.com/security-advisory-2018-06-security-update-for-otrs-framework/ third-party-advisory
https://github.com/OTRS/otrs/commit/40bbcc261a77c2f4c0383658cd99c07d577179ce third-party-advisory
https://www.cve.org/CVERecord?id=CVE-2018-17883 third-party-advisory

Open in Interactive Console →