Security Advisory

CVE-2020-1766

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2020-01-10 15:08:57

Last updated 2024-09-17 00:10:59

Assigner OTRS

State PUBLISHED

Description

Due to improper handling of uploaded images it is possible in very unlikely and rare conditions to force the agents browser to execute malicious javascript from a special crafted SVG file rendered as inline jpg file. This issue affects: ((OTRS)) Community Edition 5.0.x version 5.0.39 and prior versions; 6.0.x version 6.0.24 and prior versions. OTRS 7.0.x version 7.0.13 and prior versions.

← Browse all CVEs View on cve.org ↗