Vulnerabilities > Otrs > Otrs > 2.2.9
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2011-03-18 | CVE-2008-7275 | Cross-Site Scripting vulnerability in Otrs Multiple cross-site scripting (XSS) vulnerabilities in Open Ticket Request System (OTRS) before 2.3.3 allow remote attackers to inject arbitrary web script or HTML via vectors related to (1) AgentTicketMailbox or (2) CustomerTicketOverView. | 4.3 |
2011-03-11 | CVE-2011-0456 | OS Command Injection vulnerability in Otrs webscript.pl in Open Ticket Request System (OTRS) 2.3.4 and earlier allows remote attackers to execute arbitrary commands via unspecified vectors, related to a "command injection vulnerability." | 7.5 |