Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 342687 (CVE-2010-4071) - <www-apps/otrs-3.0.10: XSS vulnerabilities (CVE-2010-4071,CVE-2011-1518)
Summary: <www-apps/otrs-3.0.10: XSS vulnerabilities (CVE-2010-4071,CVE-2011-1518)
Alias: CVE-2010-4071
Product: Gentoo Security
Classification: Unclassified
Component: Vulnerabilities (show other bugs)
Hardware: All Linux
: High trivial (vote)
Assignee: Gentoo Security
Whiteboard: ~4 [noglsa]
Depends on:
Blocks: 260823
  Show dependency tree
Reported: 2010-10-26 03:43 UTC by Andreis Vinogradovs ( slepnoga )
Modified: 2011-08-19 19:44 UTC (History)
2 users (show)

See Also:
Package list:
Runtime testing required: ---


Note You need to log in before you can comment on or make changes to this bug.
Description Andreis Vinogradovs ( slepnoga ) 2010-10-26 03:43:34 UTC
Title:      AgentTicketZoom is vulnerable to XSS attacks from HTML e-mails
 Severity:   Less critical
 Product:    OTRS 2.4.x
 Fixed in:   OTRS 2.4.9

AgentTicketZoom is vulnerable to XSS attacks from HTML e-mails

  Whenever a customer sends an HTML e-mail and RichText is enabled in OTRS,
  javascript contained in the email can do everything in the OTRS agent
  interface that the agent himself could do.

  Most relevant is that this type of exploit can be used in such a way that
  the agent won't even detect he is being exploited.

Affected by this vulnerability are all releases of OTRS 2.4.x up to and
including 2.4.8.

This vulnerability is fixed in OTRS 2.4.9.
Comment 1 Tim Sammut (RETIRED) gentoo-dev 2011-05-10 04:30:32 UTC
More Cross Site Scripting vulnerabilities have been disclosed in:

A more up-to-date fixed-in list is:

Fixed in:   OTRS 2.4.10, 3.0.7
Comment 2 GLSAMaker/CVETool Bot gentoo-dev 2011-06-24 19:59:39 UTC
CVE-2010-4071 (
  Cross-site scripting (XSS) vulnerability in AgentTicketZoom in OTRS 2.4.x
  before 2.4.9, when RichText is enabled, allows remote attackers to inject
  arbitrary web script or HTML via JavaScript in an HTML e-mail.
Comment 3 Tim Sammut (RETIRED) gentoo-dev 2011-08-19 15:32:52 UTC
Fixed software added and vulnerable versions removed by Patrick Lauer via bug 379855. Closing noglsa for ~arch package.