Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
4.3
CVSSv2

CVE-2021-36092

Published: 26/07/2021 Updated: 04/08/2021
CVSS v2 Base Score: 4.3 | Impact Score: 2.9 | Exploitability Score: 8.6
CVSS v3 Base Score: 6.1 | Impact Score: 2.7 | Exploitability Score: 2.8
VMScore: 383
Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N

Vulnerability Summary

It's possible to create an email which contains specially crafted link and it can be used to perform XSS attack. This issue affects: OTRS AG ((OTRS)) Community Edition:6.0.x version 6.0.1 and later versions. OTRS AG OTRS: 7.0.x version 7.0.27 and prior versions; 8.0.x version 8.0.14 and prior versions.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

otrs otrs

Vendor Advisories

Debian CVElist Bug Report Logs: otrs2: CVE-2021-36092 CVE-2021-36091 CVE-2021-21443 CVE-2021-21440
Debian Bug report logs - #991593 otrs2: CVE-2021-36092 CVE-2021-36091 CVE-2021-21443 CVE-2021-21440 Package: src:otrs2; Maintainer for src:otrs2 is Patrick Matthäi <pmatthaei@debianorg>; Reported by: Moritz Mühlenhoff <jmm@inutilorg> Date: Wed, 28 Jul 2021 09:15:02 UTC Severity: grave Tags: security, upstream ...

References

CWE-79https://otrs.com/release-notes/otrs-security-advisory-2021-15/https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=991593https://nvd.nist.gov
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
NULL pointer dereferenceCVE-2024-5274CVE-2020-17519CVE-2024-35340CVE-2021-47558localXML injectionCVE-2021-47519CVE-2021-47543
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook