NVD

Id
46071  
Name
CVE-2012-4751  
Description
Cross-site scripting (XSS) vulnerability in Open Ticket Request System (OTRS) Help Desk 2.4.x before 2.4.15, 3.0.x before 3.0.17, and 3.1.x before 3.1.11 allows remote attackers to inject arbitrary web script or HTML via an e-mail message body with whitespace before a javascript: URL in the SRC attribute of an element, as demonstrated by an IFRAME element.  
Reject
 
CVSS Version
2  
CVSS Score
4.3  
Severity
Medium  
CVSS Base Score
4.3  
CVSS Impact Subscore
2.9  
CVSS Exploit Subscore
8.6  
CVSS Vector
(AV:N/AC:M/Au:N/C:N/I:P/A:N)  
Pub Date
2017-01-19  
Published
2012-10-22  
Modified Date
2013-06-04  
Seq
2012-4751  

Actions

Related NVD References

Id NVD Id NVD No. Reference Actions
231203 46071 CVE-2012-4751 openSUSE-SU-2013:0145  View
231204 46071 CVE-2012-4751 http://packetstormsecurity.org/files/117504/OTRS-3.1-Cross-Site-Scripting.html  View
231205 46071 CVE-2012-4751 VU#603276  View
231206 46071 CVE-2012-4751 http://www.otrs.com/en/open-source/community-news/security-advisories/security-advisory-2012-03/  View
231207 46071 CVE-2012-4751 56093  View
231208 46071 CVE-2012-4751 http://znuny.com/assets/proof_of_concept_cve_2012-4751-znuny.py  View
231209 46071 CVE-2012-4751 http://znuny.com/en/#!/advisory/ZSA-2012-03  View

Related JVN

Id Name Title Summary Cveinfo Name Cveinfo Id Nvdinfo Name Nvdinfo Id Cvssv2 Cvssv3 Jvnurl Published Date Last Updated Date Actions
29297 JVNDB-2012-005004 OTRS にクロスサイトスクリプティングの脆弱性 OTRS には、クロスサイトスクリプティングの脆弱性が存在します。 CVE-2012-4751 57989 CVE-2012-4751 46071 4.3 http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-005004.html 2012-10-18 2012-10-23 View