VulnerableCode Vulnerability Details

System	Score	Found at
epss	0.0694	https://api.first.org/data/v1/epss?cve=CVE-2012-4600
epss	0.0694	https://api.first.org/data/v1/epss?cve=CVE-2012-4600
epss	0.0694	https://api.first.org/data/v1/epss?cve=CVE-2012-4600
epss	0.0694	https://api.first.org/data/v1/epss?cve=CVE-2012-4600
epss	0.0694	https://api.first.org/data/v1/epss?cve=CVE-2012-4600
epss	0.0694	https://api.first.org/data/v1/epss?cve=CVE-2012-4600
epss	0.0694	https://api.first.org/data/v1/epss?cve=CVE-2012-4600
epss	0.0694	https://api.first.org/data/v1/epss?cve=CVE-2012-4600
epss	0.0694	https://api.first.org/data/v1/epss?cve=CVE-2012-4600
epss	0.0694	https://api.first.org/data/v1/epss?cve=CVE-2012-4600
epss	0.0694	https://api.first.org/data/v1/epss?cve=CVE-2012-4600
epss	0.0694	https://api.first.org/data/v1/epss?cve=CVE-2012-4600
epss	0.0694	https://api.first.org/data/v1/epss?cve=CVE-2012-4600
epss	0.0694	https://api.first.org/data/v1/epss?cve=CVE-2012-4600
cvssv2	2.6	https://nvd.nist.gov/vuln/detail/CVE-2012-4600

Data source	Exploit-DB
Date added	Aug. 31, 2012
Description	OTRS Open Technology Real Services 3.1.8/3.1.9 - Cross-Site Scripting
Ransomware campaign use	Unknown
Source publication date	Aug. 31, 2012
Exploit type	webapps
Platform	windows
Source update date	Aug. 31, 2012
Source URL	http://znuny.com/#!/advisory/ZSA-2012-02

Vector: AV:N/AC:H/Au:N/C:N/I:P/A:N Found at https://nvd.nist.gov/vuln/detail/CVE-2012-4600

Exploitability (E)	Access Vector (AV)	Access Complexity (AC)	Authentication (Au)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
high functional unproven proof_of_concept not_defined	local adjacent_network network	high medium low	multiple single none	none partial complete	none partial complete	none partial complete

Exploitability (E)

Access Vector (AV)

Access Complexity (AC)

Authentication (Au)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

high

functional

unproven

proof_of_concept

not_defined

local

adjacent_network

network

high

medium

low

multiple

single

none

partial

complete

none

partial

complete

none

partial

complete

Vulnerability ID	VCID-cvxb-rw2p-vuab
Aliases	CVE-2012-4600
Summary	Cross-site scripting (XSS) vulnerability in Open Ticket Request System (OTRS) Help Desk 2.4.x before 2.4.14, 3.0.x before 3.0.16, and 3.1.x before 3.1.10, when Firefox or Opera is used, allows remote attackers to inject arbitrary web script or HTML via an e-mail message body with nested HTML tags.
Status	Published
Exploitability	2.0
Weighted Severity	2.3
Risk	4.6
Affected and Fixed Packages	Package Details

Percentile	0.91376
EPSS Score	0.0694
Published At	April 1, 2026, 12:55 p.m.

Reference id	Reference type	URL
		https://api.first.org/data/v1/epss?cve=CVE-2012-4600
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4600
		http://secunia.com/advisories/50615
		http://www.kb.cert.org/vuls/id/511404
		http://www.otrs.com/de/open-source/community-news/security-advisories/security-advisory-2012-02/
		http://znuny.com/en/#%21/advisory/ZSA-2012-02
cpe:2.3:a:otrs:otrs:2.4.0:beta1::::::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:otrs:otrs:2.4.0:beta1::::::
cpe:2.3:a:otrs:otrs:2.4.0:beta2::::::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:otrs:otrs:2.4.0:beta2::::::
cpe:2.3:a:otrs:otrs:2.4.0:beta3::::::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:otrs:otrs:2.4.0:beta3::::::
cpe:2.3:a:otrs:otrs:2.4.0:beta4::::::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:otrs:otrs:2.4.0:beta4::::::
cpe:2.3:a:otrs:otrs:2.4.0:beta5::::::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:otrs:otrs:2.4.0:beta5::::::
cpe:2.3:a:otrs:otrs:2.4.0:beta6::::::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:otrs:otrs:2.4.0:beta6::::::
cpe:2.3:a:otrs:otrs:2.4.1:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:otrs:otrs:2.4.1:::::::*
cpe:2.3:a:otrs:otrs:2.4.10:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:otrs:otrs:2.4.10:::::::*
cpe:2.3:a:otrs:otrs:2.4.11:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:otrs:otrs:2.4.11:::::::*
cpe:2.3:a:otrs:otrs:2.4.12:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:otrs:otrs:2.4.12:::::::*
cpe:2.3:a:otrs:otrs:2.4.13:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:otrs:otrs:2.4.13:::::::*
cpe:2.3:a:otrs:otrs:2.4.2:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:otrs:otrs:2.4.2:::::::*
cpe:2.3:a:otrs:otrs:2.4.3:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:otrs:otrs:2.4.3:::::::*
cpe:2.3:a:otrs:otrs:2.4.4:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:otrs:otrs:2.4.4:::::::*
cpe:2.3:a:otrs:otrs:2.4.5:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:otrs:otrs:2.4.5:::::::*
cpe:2.3:a:otrs:otrs:2.4.6:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:otrs:otrs:2.4.6:::::::*
cpe:2.3:a:otrs:otrs:2.4.7:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:otrs:otrs:2.4.7:::::::*
cpe:2.3:a:otrs:otrs:2.4.8:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:otrs:otrs:2.4.8:::::::*
cpe:2.3:a:otrs:otrs:2.4.9:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:otrs:otrs:2.4.9:::::::*
cpe:2.3:a:otrs:otrs:3.0.0:beta1::::::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:otrs:otrs:3.0.0:beta1::::::
cpe:2.3:a:otrs:otrs:3.0.0:beta2::::::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:otrs:otrs:3.0.0:beta2::::::
cpe:2.3:a:otrs:otrs:3.0.0:beta3::::::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:otrs:otrs:3.0.0:beta3::::::
cpe:2.3:a:otrs:otrs:3.0.0:beta4::::::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:otrs:otrs:3.0.0:beta4::::::
cpe:2.3:a:otrs:otrs:3.0.0:beta5::::::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:otrs:otrs:3.0.0:beta5::::::
cpe:2.3:a:otrs:otrs:3.0.0:beta6::::::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:otrs:otrs:3.0.0:beta6::::::
cpe:2.3:a:otrs:otrs:3.0.0:beta7::::::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:otrs:otrs:3.0.0:beta7::::::
cpe:2.3:a:otrs:otrs:3.0.1:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:otrs:otrs:3.0.1:::::::*
cpe:2.3:a:otrs:otrs:3.0.10:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:otrs:otrs:3.0.10:::::::*
cpe:2.3:a:otrs:otrs:3.0.11:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:otrs:otrs:3.0.11:::::::*
cpe:2.3:a:otrs:otrs:3.0.12:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:otrs:otrs:3.0.12:::::::*
cpe:2.3:a:otrs:otrs:3.0.13:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:otrs:otrs:3.0.13:::::::*
cpe:2.3:a:otrs:otrs:3.0.14:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:otrs:otrs:3.0.14:::::::*
cpe:2.3:a:otrs:otrs:3.0.15:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:otrs:otrs:3.0.15:::::::*
cpe:2.3:a:otrs:otrs:3.0.2:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:otrs:otrs:3.0.2:::::::*
cpe:2.3:a:otrs:otrs:3.0.3:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:otrs:otrs:3.0.3:::::::*
cpe:2.3:a:otrs:otrs:3.0.4:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:otrs:otrs:3.0.4:::::::*
cpe:2.3:a:otrs:otrs:3.0.5:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:otrs:otrs:3.0.5:::::::*
cpe:2.3:a:otrs:otrs:3.0.6:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:otrs:otrs:3.0.6:::::::*
cpe:2.3:a:otrs:otrs:3.0.7:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:otrs:otrs:3.0.7:::::::*
cpe:2.3:a:otrs:otrs:3.0.8:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:otrs:otrs:3.0.8:::::::*
cpe:2.3:a:otrs:otrs:3.0.9:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:otrs:otrs:3.0.9:::::::*
cpe:2.3:a:otrs:otrs:3.1.0:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:otrs:otrs:3.1.0:::::::*
cpe:2.3:a:otrs:otrs:3.1.1:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:otrs:otrs:3.1.1:::::::*
cpe:2.3:a:otrs:otrs:3.1.2:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:otrs:otrs:3.1.2:::::::*
cpe:2.3:a:otrs:otrs:3.1.3:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:otrs:otrs:3.1.3:::::::*
cpe:2.3:a:otrs:otrs:3.1.4:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:otrs:otrs:3.1.4:::::::*
cpe:2.3:a:otrs:otrs:3.1.5:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:otrs:otrs:3.1.5:::::::*
cpe:2.3:a:otrs:otrs:3.1.6:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:otrs:otrs:3.1.6:::::::*
cpe:2.3:a:otrs:otrs:3.1.7:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:otrs:otrs:3.1.7:::::::*
cpe:2.3:a:otrs:otrs:3.1.8:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:otrs:otrs:3.1.8:::::::*
cpe:2.3:a:otrs:otrs:3.1.9:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:otrs:otrs:3.1.9:::::::*
cpe:2.3:a:otrs:otrs_itsm:3.0.0:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:otrs:otrs_itsm:3.0.0:::::::*
cpe:2.3:a:otrs:otrs_itsm:3.0.1:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:otrs:otrs_itsm:3.0.1:::::::*
cpe:2.3:a:otrs:otrs_itsm:3.0.2:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:otrs:otrs_itsm:3.0.2:::::::*
cpe:2.3:a:otrs:otrs_itsm:3.0.3:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:otrs:otrs_itsm:3.0.3:::::::*
cpe:2.3:a:otrs:otrs_itsm:3.0.4:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:otrs:otrs_itsm:3.0.4:::::::*
cpe:2.3:a:otrs:otrs_itsm:3.0.5:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:otrs:otrs_itsm:3.0.5:::::::*
cpe:2.3:a:otrs:otrs_itsm:3.0.6:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:otrs:otrs_itsm:3.0.6:::::::*
CVE-2012-4600		https://nvd.nist.gov/vuln/detail/CVE-2012-4600
CVE-2012-4751;CVE-2012-4600;OSVDB-85074	Exploit	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/windows/webapps/22070.py
CVE-2012-4751;CVE-2012-4600;OSVDB-85074	Exploit	http://znuny.com/#!/advisory/ZSA-2012-03
CVE-2012-4751;OSVDB-85074;CVE-2012-4600	Exploit	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/windows/webapps/20959.py
CVE-2012-4751;OSVDB-85074;CVE-2012-4600	Exploit	http://znuny.com/#!/advisory/ZSA-2012-02