CVE-2005-3895 - Open Ticket Request System (OTRS) 1.0.0 through 1.3.2 and 2.0.0 through 2.0.3, when AttachmentDownlo

CVE-2005-3895

Summary

Open Ticket Request System (OTRS) 1.0.0 through 1.3.2 and 2.0.0 through 2.0.3, when AttachmentDownloadType is set to inline, renders text/html e-mail attachments as HTML in the browser when the queue moderator attempts to download the attachment, which allows remote attackers to execute arbitrary web script or HTML. NOTE: this particular issue is referred to as XSS by some sources.

References

Vulnerable Configurations

cpe:2.3:a:otrs:otrs:1.0.0:*:*:*:*:*:*:*
cpe:2.3:a:otrs:otrs:1.0.0:*:*:*:*:*:*:*
cpe:2.3:a:otrs:otrs:1.3.2:*:*:*:*:*:*:*
cpe:2.3:a:otrs:otrs:1.3.2:*:*:*:*:*:*:*
cpe:2.3:a:otrs:otrs:2.0.0:*:*:*:*:*:*:*
cpe:2.3:a:otrs:otrs:2.0.0:*:*:*:*:*:*:*
cpe:2.3:a:otrs:otrs:2.0.1:*:*:*:*:*:*:*
cpe:2.3:a:otrs:otrs:2.0.1:*:*:*:*:*:*:*
cpe:2.3:a:otrs:otrs:2.0.2:*:*:*:*:*:*:*
cpe:2.3:a:otrs:otrs:2.0.2:*:*:*:*:*:*:*
cpe:2.3:a:otrs:otrs:2.0.3:*:*:*:*:*:*:*
cpe:2.3:a:otrs:otrs:2.0.3:*:*:*:*:*:*:*

CVSS

Base:	5.8 (as of 20-07-2017 - 01:29)
Impact:
Exploitability:

CWE

NVD-CWE-Other

CAPEC

Access

Vector	Complexity	Authentication
NETWORK	MEDIUM	NONE

Impact

Confidentiality	Integrity	Availability
PARTIAL	PARTIAL	NONE

cvss-vector via4

AV:N/AC:M/Au:N/C:P/I:P/A:N

refmap via4

bid	15537
bugtraq	20051122 OTRS 1.x/2.x Multiple Security Issues
confirm	http://otrs.org/advisory/OSA-2005-01-en/
debian	DSA-973
fulldisc	20051122 OTRS 1.x/2.x Multiple Security Issues
misc	http://moritz-naumann.com/adv/0007/otrsmulti/0007.txt
osvdb	21066
secunia	17685 18101 18887
sreason	200
suse	SUSE-SR:2005:030
vupen	ADV-2005-2535
xf	otrs-email-attachment-xss(23355)

Last major update

20-07-2017 - 01:29

Published

29-11-2005 - 21:03

Last modified

20-07-2017 - 01:29