Input-Validation Vulnerabilities in OTRS

vendor:

OTRS

by:

Unknown

7.5

CVSS

HIGH

Input-Validation

CWE

Product Name: OTRS

Affected Version From: Unknown

Affected Version To: Unknown

Patch Exists: YES

Related CWE: CVE-2005-3068

CPE: a:otrs:otrs

Metasploit:

Other Scripts:

Platforms Tested:

2005

Input-Validation Vulnerabilities in OTRS

OTRS is prone to multiple input-validation vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. The application is prone to multiple SQL-injection vulnerabilities, an HTML-injection vulnerability, and multiple cross-site scripting vulnerabilities.

Mitigation:

To mitigate these vulnerabilities, it is recommended to implement proper input validation and sanitization techniques in the OTRS application.

Source

Input-Validation Vulnerabilities in OTRS

Mitigation:

Exploit-DB raw data: