Candidate: CVE-2014-2553
PublicDate: 2014-04-02 16:05:00 UTC
References:
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2553
 https://www.otrs.com/security-advisory-2014-04-xss-issue/
Description:
 Cross-site scripting (XSS) vulnerability in Open Ticket Request System
 (OTRS) 3.1.x before 3.1.21, 3.2.x before 3.2.16, and 3.3.x before 3.3.6
 allows remote authenticated users to inject arbitrary web script or HTML
 via vectors related to dynamic fields.
Ubuntu-Description:
Notes:
Bugs:
 https://bugs.gentoo.org/show_bug.cgi?id=CVE-2014-2553
Priority: medium
Discovered-by: Renée Bäcker
Assigned-to:
CVSS: 

Patches_otrs2:
upstream_otrs2: released (3.3.6-1)
lucid_otrs2: ignored (reached end-of-life)
precise_otrs2: ignored (reached end-of-life)
precise/esm_otrs2: DNE (precise was needed)
quantal_otrs2: ignored (reached end-of-life)
saucy_otrs2: ignored (reached end-of-life)
trusty_otrs2: ignored (reached end-of-life)
trusty/esm_otrs2: DNE (trusty was needed)
utopic_otrs2: not-affected (3.3.6-1)
vivid_otrs2: not-affected (3.3.6-1)
vivid/stable-phone-overlay_otrs2: DNE
vivid/ubuntu-core_otrs2: DNE
wily_otrs2: not-affected (3.3.6-1)
xenial_otrs2: not-affected (3.3.6-1)
yakkety_otrs2: not-affected (3.3.6-1)
zesty_otrs2: not-affected (3.3.6-1)
artful_otrs2: not-affected (3.3.6-1)
bionic_otrs2: not-affected (3.3.6-1)
cosmic_otrs2: not-affected (3.3.6-1)
disco_otrs2: not-affected (3.3.6-1)
devel_otrs2: not-affected (3.3.6-1)