Candidate: CVE-2018-17883
PublicDate: 2018-10-09
References:
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-17883
 https://community.otrs.com/security-advisory-2018-06-security-update-for-otrs-framework/
 https://github.com/OTRS/otrs/commit/40bbcc261a77c2f4c0383658cd99c07d577179ce
Description:
 An attacker could send an email with a malicious link to an OTRS system
 or an agent. If a logged in agent opens this link, it could cause the
 execution of JavaScript in the context of OTRS.
Ubuntu-Description:
Notes:
Bugs:
Priority: medium
Discovered-by:
Assigned-to:
CVSS: 


Patches_otrs2:
upstream_otrs2: released (6.0.12-1)
precise/esm_otrs2: DNE
trusty_otrs2: not-affected
trusty/esm_otrs2: DNE (trusty was not-affected)
xenial_otrs2: not-affected
bionic_otrs2: needed
cosmic_otrs2: ignored (reached end-of-life)
disco_otrs2: not-affected (6.0.13-1)
eoan_otrs2: not-affected (6.0.13-1)
focal_otrs2: not-affected (6.0.13-1)
groovy_otrs2: not-affected (6.0.13-1)
hirsute_otrs2: not-affected (6.0.13-1)
impish_otrs2: not-affected (6.0.13-1)
jammy_otrs2: not-affected (6.0.13-1)
devel_otrs2: not-affected (6.0.13-1)