Vulnerabilities > Otrs > Survey

DATE CVE VULNERABILITY TITLE RISK
2023-07-24 CVE-2023-38057 Cross-site Scripting vulnerability in Otrs Survey
An improper input validation vulnerability in OTRS Survey modules allows any attacker with a link to a valid and unanswered survey request to inject javascript code in free text answers.
network
low complexity
otrs CWE-79
5.4
5.4
2021-02-08 CVE-2021-21434 Cross-site Scripting vulnerability in Otrs Survey
Survey administrator can craft a survey in such way that malicious code can be executed in the agent interface (i.e.
network
otrs CWE-79
3.5
3.5