How severe is CVE-2024-43442?

CVE-2024-43442 has a CVSS v3 score of 4.9 (MEDIUM).

CVE-2024-43442

4.9MEDIUM

Improper Neutralization of Input done by an attacker with admin privileges ('Cross-site Scripting') in OTRS (System Configuration modules) and ((OTRS)) Community Edition allows Cross-Site Scripting (

Publicado: 8/26/2024Actualizado: 8/26/2024

Descripción

Improper Neutralization of Input done by an attacker with admin privileges ('Cross-site Scripting') in OTRS (System Configuration modules) and ((OTRS)) Community Edition allows Cross-Site Scripting (XSS) within the System Configuration targeting other admins. This issue affects: * OTRS from 7.0.X through 7.0.50 * OTRS 8.0.X * OTRS 2023.X * OTRS from 2024.X through 2024.5.X * ((OTRS)) Community Edition: 6.0.x Products based on the ((OTRS)) Community Edition also very likely to be affected

Análisis IAImpulsado por IA

Referencias

https://otrs.com/release-notes/otrs-security-advisory-2024-10/