XSS Vulnerability in OTRS 4.0.x and 5.0.x

CVE-2018-19141 · LOW Severity

AV:N/AC:M/AU:S/C:N/I:P/A:N

Open Ticket Request System (OTRS) 4.0.x before 4.0.33 and 5.0.x before 5.0.31 allows an admin to conduct an XSS attack via a modified URL because user and customer preferences are mishandled.

Learn more about our User Device Pen Test.