Django REST framework

Lookup for vulnerabilities affecting packages.

Vulnerability_id VCID-x364-fse4-mfd8

Summary Cross-site scripting (XSS) vulnerability in index.pl in Open Ticket Request System (OTRS) 2.0.x allows remote attackers to inject arbitrary web script or HTML via the Subaction parameter in an AgentTicketMailbox Action. NOTE: DEBIAN:DSA-1299 originally used this identifier for an ipsec-tools issue, but the proper identifier for the ipsec-tools issue is CVE-2007-1841.

Aliases

alias	CVE-2007-2524

Fixed_packages

url	pkg:deb/debian/otrs2@2.1.1-1?distro=bullseye
purl	pkg:deb/debian/otrs2@2.1.1-1?distro=bullseye
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/otrs2@2.1.1-1%3Fdistro=bullseye

url pkg:deb/debian/otrs2@2.2.7-2lenny3

purl pkg:deb/debian/otrs2@2.2.7-2lenny3

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1rfw-hy3t-4fgd

vulnerability	VCID-23kg-6hy8-2kfb

vulnerability	VCID-35gr-98mg-1yfe

vulnerability	VCID-3s9f-prpy-hbcx

vulnerability	VCID-47tp-xcrf-vkf4

vulnerability	VCID-4b65-r8kc-xbcm

vulnerability	VCID-5618-53yg-8qh4

vulnerability	VCID-57jx-quzh-fubc

vulnerability	VCID-59ez-3fcw-9ke1

vulnerability	VCID-5f4u-bk7e-fyb8

vulnerability	VCID-6jek-tqbt-rfhc

vulnerability	VCID-6xvb-p7ds-97bw

vulnerability	VCID-78dd-x8vv-xbc5

vulnerability	VCID-79tb-zy1a-tqaf

vulnerability	VCID-7jwd-q7gg-6baf

vulnerability	VCID-9431-8f5f-rfct

vulnerability	VCID-95xu-bm4v-hfbj

vulnerability	VCID-9aug-utyb-3fbg

vulnerability	VCID-9fth-879g-a3fn

vulnerability	VCID-9v46-tmyq-f7bb

vulnerability	VCID-9vrg-8wae-93ec

vulnerability	VCID-a286-32jj-eubk

vulnerability	VCID-az3g-bkpz-jyfs

vulnerability	VCID-c8cb-aar4-qqhm

vulnerability	VCID-ced2-4qvr-2yge

vulnerability	VCID-cjbr-pbsr-xuaw

vulnerability	VCID-cvxb-rw2p-vuab

vulnerability	VCID-cvxp-ctj9-guej

vulnerability	VCID-cwxd-pja8-g3a2

vulnerability	VCID-cyn6-w9ue-1fdv

vulnerability	VCID-d4t9-s9ws-uugb

vulnerability	VCID-dbgf-5hx5-y3f4

vulnerability	VCID-dqpp-t4x2-afa9

vulnerability	VCID-dr9z-69dm-akb9

vulnerability	VCID-drd1-bnmf-57c9

vulnerability	VCID-e7ak-45qz-cfa9

vulnerability	VCID-enp1-vd1n-ffg9

vulnerability	VCID-ew2x-9cat-v3h1

vulnerability	VCID-f2cv-jtcy-gugt

vulnerability	VCID-f61h-w9k8-b7ax

vulnerability	VCID-fz8v-murm-1khj

vulnerability	VCID-g2j2-tn4a-uqd3

vulnerability	VCID-gjjf-d58f-m7gu

vulnerability	VCID-gys4-65yj-xbhg

vulnerability	VCID-h4xp-dgt9-jfhb

vulnerability	VCID-h7nm-zq34-fqbs

vulnerability	VCID-hhhq-1zgu-hqep

vulnerability	VCID-j27v-9g2t-5qab

vulnerability	VCID-jg6y-p28f-dbd8

vulnerability	VCID-jr2g-4ag6-hqey

vulnerability	VCID-jv8f-vz24-67c2

vulnerability	VCID-k5qf-ntan-nyar

vulnerability	VCID-kkx1-64uf-87hf

vulnerability	VCID-me18-9d3t-a7gr

vulnerability	VCID-msa1-r3ax-zkeb

vulnerability	VCID-mvf7-hk9h-zfa4

vulnerability	VCID-n57t-8s1v-xkaw

vulnerability	VCID-n6bx-62mu-nkge

vulnerability	VCID-p1rf-q72p-bbg9

vulnerability	VCID-p92a-hwnk-dfg7

vulnerability	VCID-pmnn-f6z1-gbct

vulnerability	VCID-puce-kthm-jfa7

vulnerability	VCID-pxet-jht5-hucw

vulnerability	VCID-q4vw-md7c-53bs

vulnerability	VCID-qgs4-4qpa-3kbu

vulnerability	VCID-qu28-hr3t-kkca

vulnerability	VCID-r7b9-qwh3-7bhr

vulnerability	VCID-rg2d-x2j3-jycq

vulnerability	VCID-s4ps-ebu4-6bh5

vulnerability	VCID-sxy7-tjmp-qbh2

vulnerability	VCID-t2up-pp1r-xkdu

vulnerability	VCID-t7ay-kqzz-zbbd

vulnerability	VCID-tekr-xkck-pkfu

vulnerability	VCID-u3ed-wmjx-9fcq

vulnerability	VCID-u8xm-v9ek-yuar

vulnerability	VCID-ujf1-bbf4-abch

vulnerability	VCID-ujjt-5d77-r3ex

vulnerability	VCID-vahe-evfr-w7hd

vulnerability	VCID-vgt6-eqab-cua9

vulnerability	VCID-vswx-e9p8-1ugn

vulnerability	VCID-vvz9-sxyf-u7bn

vulnerability	VCID-wueh-6rd8-zyg8

vulnerability	VCID-wzt8-htew-x3dn

vulnerability	VCID-xpgf-xhha-6kfh

vulnerability	VCID-ybrp-zh2m-wuh1

vulnerability	VCID-yj7p-1amk-a3fh

vulnerability	VCID-ynpn-ctc2-zbhy

vulnerability	VCID-z2ek-mhha-ubhf

vulnerability	VCID-zhu3-aqgx-j3ba

vulnerability	VCID-zsed-p23e-b7g8

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/otrs2@2.2.7-2lenny3

url	pkg:deb/debian/otrs2@6.0.32-6?distro=bullseye
purl	pkg:deb/debian/otrs2@6.0.32-6?distro=bullseye
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/otrs2@6.0.32-6%3Fdistro=bullseye

Affected_packages

url pkg:deb/debian/otrs2@2.0.4p01-17

purl pkg:deb/debian/otrs2@2.0.4p01-17

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1rfw-hy3t-4fgd

vulnerability	VCID-23kg-6hy8-2kfb

vulnerability	VCID-35gr-98mg-1yfe

vulnerability	VCID-3s9f-prpy-hbcx

vulnerability	VCID-3vwj-r1ap-kuhr

vulnerability	VCID-47tp-xcrf-vkf4

vulnerability	VCID-4b65-r8kc-xbcm

vulnerability	VCID-5618-53yg-8qh4

vulnerability	VCID-57jx-quzh-fubc

vulnerability	VCID-59ez-3fcw-9ke1

vulnerability	VCID-5f4u-bk7e-fyb8

vulnerability	VCID-6jek-tqbt-rfhc

vulnerability	VCID-6xvb-p7ds-97bw

vulnerability	VCID-78dd-x8vv-xbc5

vulnerability	VCID-79tb-zy1a-tqaf

vulnerability	VCID-7jwd-q7gg-6baf

vulnerability	VCID-9431-8f5f-rfct

vulnerability	VCID-95xu-bm4v-hfbj

vulnerability	VCID-9aug-utyb-3fbg

vulnerability	VCID-9fth-879g-a3fn

vulnerability	VCID-9v46-tmyq-f7bb

vulnerability	VCID-9vrg-8wae-93ec

vulnerability	VCID-a286-32jj-eubk

vulnerability	VCID-az3g-bkpz-jyfs

vulnerability	VCID-c8cb-aar4-qqhm

vulnerability	VCID-ced2-4qvr-2yge

vulnerability	VCID-cjbr-pbsr-xuaw

vulnerability	VCID-cvxb-rw2p-vuab

vulnerability	VCID-cvxp-ctj9-guej

vulnerability	VCID-cwxd-pja8-g3a2

vulnerability	VCID-cyn6-w9ue-1fdv

vulnerability	VCID-d4t9-s9ws-uugb

vulnerability	VCID-dbgf-5hx5-y3f4

vulnerability	VCID-dqpp-t4x2-afa9

vulnerability	VCID-dr9z-69dm-akb9

vulnerability	VCID-drd1-bnmf-57c9

vulnerability	VCID-e7ak-45qz-cfa9

vulnerability	VCID-enp1-vd1n-ffg9

vulnerability	VCID-ew2x-9cat-v3h1

vulnerability	VCID-f2cv-jtcy-gugt

vulnerability	VCID-f61h-w9k8-b7ax

vulnerability	VCID-fz8v-murm-1khj

vulnerability	VCID-g2j2-tn4a-uqd3

vulnerability	VCID-gjjf-d58f-m7gu

vulnerability	VCID-gvwu-31f2-gqgm

vulnerability	VCID-gys4-65yj-xbhg

vulnerability	VCID-h4xp-dgt9-jfhb

vulnerability	VCID-h7nm-zq34-fqbs

vulnerability	VCID-hhhq-1zgu-hqep

vulnerability	VCID-j27v-9g2t-5qab

vulnerability	VCID-j31q-dmec-qyg9

vulnerability	VCID-jg6y-p28f-dbd8

vulnerability	VCID-jr2g-4ag6-hqey

vulnerability	VCID-jv8f-vz24-67c2

vulnerability	VCID-k5qf-ntan-nyar

vulnerability	VCID-kkx1-64uf-87hf

vulnerability	VCID-me18-9d3t-a7gr

vulnerability	VCID-msa1-r3ax-zkeb

vulnerability	VCID-mvf7-hk9h-zfa4

vulnerability	VCID-n57t-8s1v-xkaw

vulnerability	VCID-n6bx-62mu-nkge

vulnerability	VCID-p1rf-q72p-bbg9

vulnerability	VCID-p92a-hwnk-dfg7

vulnerability	VCID-pmnn-f6z1-gbct

vulnerability	VCID-puce-kthm-jfa7

vulnerability	VCID-pxet-jht5-hucw

vulnerability	VCID-q4vw-md7c-53bs

vulnerability	VCID-qgs4-4qpa-3kbu

vulnerability	VCID-qu28-hr3t-kkca

vulnerability	VCID-r7b9-qwh3-7bhr

vulnerability	VCID-rg2d-x2j3-jycq

vulnerability	VCID-s1kr-mduu-mqc5

vulnerability	VCID-s4ps-ebu4-6bh5

vulnerability	VCID-sxy7-tjmp-qbh2

vulnerability	VCID-t2up-pp1r-xkdu

vulnerability	VCID-t7ay-kqzz-zbbd

vulnerability	VCID-tekr-xkck-pkfu

vulnerability	VCID-u3ed-wmjx-9fcq

vulnerability	VCID-u8xm-v9ek-yuar

vulnerability	VCID-ujf1-bbf4-abch

vulnerability	VCID-ujjt-5d77-r3ex

vulnerability	VCID-vahe-evfr-w7hd

vulnerability	VCID-vgt6-eqab-cua9

vulnerability	VCID-vswx-e9p8-1ugn

vulnerability	VCID-vvz9-sxyf-u7bn

vulnerability	VCID-wueh-6rd8-zyg8

vulnerability	VCID-wzt8-htew-x3dn

vulnerability	VCID-x364-fse4-mfd8

vulnerability	VCID-xpgf-xhha-6kfh

vulnerability	VCID-xqdc-eyvz-qkbw

vulnerability	VCID-ybrp-zh2m-wuh1

vulnerability	VCID-yj7p-1amk-a3fh

vulnerability	VCID-ynpn-ctc2-zbhy

vulnerability	VCID-z2ek-mhha-ubhf

vulnerability	VCID-zhu3-aqgx-j3ba

vulnerability	VCID-zsed-p23e-b7g8

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/otrs2@2.0.4p01-17

url pkg:deb/debian/otrs2@2.0.4p01-18

purl pkg:deb/debian/otrs2@2.0.4p01-18

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1rfw-hy3t-4fgd

vulnerability	VCID-23kg-6hy8-2kfb

vulnerability	VCID-35gr-98mg-1yfe

vulnerability	VCID-3s9f-prpy-hbcx

vulnerability	VCID-3vwj-r1ap-kuhr

vulnerability	VCID-47tp-xcrf-vkf4

vulnerability	VCID-4b65-r8kc-xbcm

vulnerability	VCID-5618-53yg-8qh4

vulnerability	VCID-57jx-quzh-fubc

vulnerability	VCID-59ez-3fcw-9ke1

vulnerability	VCID-5f4u-bk7e-fyb8

vulnerability	VCID-6jek-tqbt-rfhc

vulnerability	VCID-6xvb-p7ds-97bw

vulnerability	VCID-78dd-x8vv-xbc5

vulnerability	VCID-79tb-zy1a-tqaf

vulnerability	VCID-7jwd-q7gg-6baf

vulnerability	VCID-9431-8f5f-rfct

vulnerability	VCID-95xu-bm4v-hfbj

vulnerability	VCID-9aug-utyb-3fbg

vulnerability	VCID-9fth-879g-a3fn

vulnerability	VCID-9v46-tmyq-f7bb

vulnerability	VCID-9vrg-8wae-93ec

vulnerability	VCID-a286-32jj-eubk

vulnerability	VCID-az3g-bkpz-jyfs

vulnerability	VCID-c8cb-aar4-qqhm

vulnerability	VCID-ced2-4qvr-2yge

vulnerability	VCID-cjbr-pbsr-xuaw

vulnerability	VCID-cvxb-rw2p-vuab

vulnerability	VCID-cvxp-ctj9-guej

vulnerability	VCID-cwxd-pja8-g3a2

vulnerability	VCID-cyn6-w9ue-1fdv

vulnerability	VCID-d4t9-s9ws-uugb

vulnerability	VCID-dbgf-5hx5-y3f4

vulnerability	VCID-dqpp-t4x2-afa9

vulnerability	VCID-dr9z-69dm-akb9

vulnerability	VCID-drd1-bnmf-57c9

vulnerability	VCID-e7ak-45qz-cfa9

vulnerability	VCID-enp1-vd1n-ffg9

vulnerability	VCID-ew2x-9cat-v3h1

vulnerability	VCID-f2cv-jtcy-gugt

vulnerability	VCID-f61h-w9k8-b7ax

vulnerability	VCID-fz8v-murm-1khj

vulnerability	VCID-g2j2-tn4a-uqd3

vulnerability	VCID-gjjf-d58f-m7gu

vulnerability	VCID-gvwu-31f2-gqgm

vulnerability	VCID-gys4-65yj-xbhg

vulnerability	VCID-h4xp-dgt9-jfhb

vulnerability	VCID-h7nm-zq34-fqbs

vulnerability	VCID-hhhq-1zgu-hqep

vulnerability	VCID-j27v-9g2t-5qab

vulnerability	VCID-j31q-dmec-qyg9

vulnerability	VCID-jg6y-p28f-dbd8

vulnerability	VCID-jr2g-4ag6-hqey

vulnerability	VCID-jv8f-vz24-67c2

vulnerability	VCID-k5qf-ntan-nyar

vulnerability	VCID-kkx1-64uf-87hf

vulnerability	VCID-me18-9d3t-a7gr

vulnerability	VCID-msa1-r3ax-zkeb

vulnerability	VCID-mvf7-hk9h-zfa4

vulnerability	VCID-n57t-8s1v-xkaw

vulnerability	VCID-n6bx-62mu-nkge

vulnerability	VCID-p1rf-q72p-bbg9

vulnerability	VCID-p92a-hwnk-dfg7

vulnerability	VCID-pmnn-f6z1-gbct

vulnerability	VCID-puce-kthm-jfa7

vulnerability	VCID-pxet-jht5-hucw

vulnerability	VCID-q4vw-md7c-53bs

vulnerability	VCID-qgs4-4qpa-3kbu

vulnerability	VCID-qu28-hr3t-kkca

vulnerability	VCID-r7b9-qwh3-7bhr

vulnerability	VCID-rg2d-x2j3-jycq

vulnerability	VCID-s1kr-mduu-mqc5

vulnerability	VCID-s4ps-ebu4-6bh5

vulnerability	VCID-sxy7-tjmp-qbh2

vulnerability	VCID-t2up-pp1r-xkdu

vulnerability	VCID-t7ay-kqzz-zbbd

vulnerability	VCID-tekr-xkck-pkfu

vulnerability	VCID-u3ed-wmjx-9fcq

vulnerability	VCID-u8xm-v9ek-yuar

vulnerability	VCID-ujf1-bbf4-abch

vulnerability	VCID-ujjt-5d77-r3ex

vulnerability	VCID-vahe-evfr-w7hd

vulnerability	VCID-vgt6-eqab-cua9

vulnerability	VCID-vswx-e9p8-1ugn

vulnerability	VCID-vvz9-sxyf-u7bn

vulnerability	VCID-wueh-6rd8-zyg8

vulnerability	VCID-wzt8-htew-x3dn

vulnerability	VCID-x364-fse4-mfd8

vulnerability	VCID-xpgf-xhha-6kfh

vulnerability	VCID-xqdc-eyvz-qkbw

vulnerability	VCID-ybrp-zh2m-wuh1

vulnerability	VCID-yj7p-1amk-a3fh

vulnerability	VCID-ynpn-ctc2-zbhy

vulnerability	VCID-z2ek-mhha-ubhf

vulnerability	VCID-zhu3-aqgx-j3ba

vulnerability	VCID-zsed-p23e-b7g8

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/otrs2@2.0.4p01-18

References

reference_url	http://osvdb.org/35821
reference_id
reference_type
scores
url	http://osvdb.org/35821

reference_url	http://osvdb.org/35822
reference_id
reference_type
scores
url	http://osvdb.org/35822

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2007-2524

reference_id

reference_type

scores

value	0.05656
scoring_system	epss
scoring_elements	0.9033
published_at	2026-04-02T12:55:00Z

value	0.05656
scoring_system	epss
scoring_elements	0.90342
published_at	2026-04-04T12:55:00Z

value	0.05656
scoring_system	epss
scoring_elements	0.90346
published_at	2026-04-07T12:55:00Z

value	0.05656
scoring_system	epss
scoring_elements	0.90359
published_at	2026-04-08T12:55:00Z

value	0.05656
scoring_system	epss
scoring_elements	0.90366
published_at	2026-04-09T12:55:00Z

value	0.05656
scoring_system	epss
scoring_elements	0.90327
published_at	2026-04-01T12:55:00Z

value	0.05802
scoring_system	epss
scoring_elements	0.90542
published_at	2026-04-24T12:55:00Z

value	0.05802
scoring_system	epss
scoring_elements	0.90541
published_at	2026-04-26T12:55:00Z

value	0.05802
scoring_system	epss
scoring_elements	0.90538
published_at	2026-04-29T12:55:00Z

value	0.05802
scoring_system	epss
scoring_elements	0.90549
published_at	2026-05-05T12:55:00Z

value	0.05802
scoring_system	epss
scoring_elements	0.90567
published_at	2026-05-07T12:55:00Z

value	0.05802
scoring_system	epss
scoring_elements	0.90578
published_at	2026-05-09T12:55:00Z

value	0.05802
scoring_system	epss
scoring_elements	0.90576
published_at	2026-05-11T12:55:00Z

value	0.05802
scoring_system	epss
scoring_elements	0.90585
published_at	2026-05-12T12:55:00Z

value	0.05802
scoring_system	epss
scoring_elements	0.90599
published_at	2026-05-14T12:55:00Z

value	0.05802
scoring_system	epss
scoring_elements	0.90518
published_at	2026-04-12T12:55:00Z

value	0.05802
scoring_system	epss
scoring_elements	0.90511
published_at	2026-04-13T12:55:00Z

value	0.05802
scoring_system	epss
scoring_elements	0.9053
published_at	2026-04-16T12:55:00Z

value	0.05802
scoring_system	epss
scoring_elements	0.90529
published_at	2026-04-18T12:55:00Z

value	0.05802
scoring_system	epss
scoring_elements	0.90527
published_at	2026-04-21T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2007-2524

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2524
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2524

reference_url	http://secunia.com/advisories/25205
reference_id
reference_type
scores
url	http://secunia.com/advisories/25205

reference_url	http://secunia.com/advisories/25419
reference_id
reference_type
scores
url	http://secunia.com/advisories/25419

reference_url	http://secunia.com/advisories/25787
reference_id
reference_type
scores
url	http://secunia.com/advisories/25787

reference_url	http://securityreason.com/securityalert/2668
reference_id
reference_type
scores
url	http://securityreason.com/securityalert/2668

reference_url	https://exchange.xforce.ibmcloud.com/vulnerabilities/34164
reference_id
reference_type
scores
url	https://exchange.xforce.ibmcloud.com/vulnerabilities/34164

reference_url	http://www.debian.org/security/2007/dsa-1298
reference_id
reference_type
scores
url	http://www.debian.org/security/2007/dsa-1298

reference_url	http://www.novell.com/linux/security/advisories/2007_13_sr.html
reference_id
reference_type
scores
url	http://www.novell.com/linux/security/advisories/2007_13_sr.html

reference_url	http://www.securityfocus.com/archive/1/467870/100/0/threaded
reference_id
reference_type
scores
url	http://www.securityfocus.com/archive/1/467870/100/0/threaded

reference_url	http://www.securityfocus.com/archive/1/471192/100/0/threaded
reference_id
reference_type
scores
url	http://www.securityfocus.com/archive/1/471192/100/0/threaded

reference_url	http://www.securityfocus.com/bid/23862
reference_id
reference_type
scores
url	http://www.securityfocus.com/bid/23862

reference_url	http://www.virtuax.be/?page=library&id=35&type=Exploits
reference_id
reference_type
scores
url	http://www.virtuax.be/?page=library&id=35&type=Exploits

reference_url	http://www.vupen.com/english/advisories/2007/1698
reference_id
reference_type
scores
url	http://www.vupen.com/english/advisories/2007/1698

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=423524
reference_id	423524
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=423524

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:otrs:otrs:2.0.4:::::::*
reference_id	cpe:2.3:a:otrs:otrs:2.0.4:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:otrs:otrs:2.0.4:::::::*

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2007-2524

reference_id

CVE-2007-2524

reference_type

scores

value	4.3
scoring_system	cvssv2
scoring_elements	AV:N/AC:M/Au:N/C:N/I:P/A:N

url

https://nvd.nist.gov/vuln/detail/CVE-2007-2524

reference_url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/cgi/webapps/29962.txt
reference_id	CVE-2007-2524;OSVDB-35821
reference_type	exploit
scores
url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/cgi/webapps/29962.txt

reference_url	https://www.securityfocus.com/bid/23862/info
reference_id	CVE-2007-2524;OSVDB-35821
reference_type	exploit
scores
url	https://www.securityfocus.com/bid/23862/info

Weaknesses

cwe_id	79
name	Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
description	The product does not neutralize or incorrectly neutralizes user-controllable input before it is placed in output that is used as a web page that is served to other users.

Exploits

date_added	2007-05-07
description	OTRS 2.0.4 - index.pl Cross-Site Scripting
required_action	`null`
due_date	`null`
notes	`null`
known_ransomware_campaign_use	`true`
source_date_published	2007-05-07
exploit_type	webapps
platform	cgi
source_date_updated	2013-12-02
data_source	Exploit-DB
source_url	https://www.securityfocus.com/bid/23862/info

Severity_range_score 4.3 - 4.3

Exploitability 2.0

Weighted_severity 3.9

Risk_score 7.8

Resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-x364-fse4-mfd8

Vulnerability Instance