VDB
DEBIAN-CVE-2016-9139
DEBIAN-CVE-2016-9139
PUBLISHED
CVSS 6.099999904632568 MEDIUM
Cross-site scripting (XSS) vulnerability in Open Ticket Request System (OTRS) 3.3.x before 3.3.16, 4.0.x before 4.0.19, and 5.0.x before 5.0.14 allows remote attackers to inject arbitrary web script or HTML via a crafted attachment.
Risk Scores
CVSS 3.0
6.099999904632568
CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Debian:11 | otrs2 | 2.2.5-2, 0, 2.0.4 |
Timeline
- Feb 17, 2017 CVE Published
- Apr 28, 2026 CVE Updated