header-logo
Suggest Exploit
vendor:
OTRS
by:
5.5
CVSS
MEDIUM
Input-Validation
20
CWE
Product Name: OTRS
Affected Version From:
Affected Version To:
Patch Exists: NO
Related CWE:
CPE:
Metasploit:
Other Scripts:
Platforms Tested:

OTRS Multiple Input-Validation Vulnerabilities

The OTRS application is prone to multiple input-validation vulnerabilities due to a failure in properly sanitizing user-supplied input. These vulnerabilities include SQL-injection, HTML-injection, and cross-site scripting vulnerabilities.

Mitigation:

To mitigate these vulnerabilities, it is recommended to implement proper input validation and sanitization techniques in the OTRS application.
Source

Exploit-DB raw data:

source: https://www.securityfocus.com/bid/15537/info

OTRS is prone to multiple input-validation vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input.

The application is prone to multiple SQL-injection vulnerabilities, an HTML-injection vulnerability, and multiple cross-site scripting vulnerabilities. 

http://www.example.com/index.pl?Action=Login&User=%27[SQL_HERE]

Navigation

Suggest Exploit

Services By CQR