VYPR
Medium severity5.4NVD Advisory· Published Mar 13, 2019· Updated Jun 17, 2026

CVE-2019-9752

CVE-2019-9752

Description

An issue was discovered in Open Ticket Request System (OTRS) 5.x before 5.0.34, 6.x before 6.0.16, and 7.x before 7.0.4. An attacker who is logged into OTRS as an agent or a customer user may upload a carefully crafted resource in order to cause execution of JavaScript in the context of OTRS. This is related to Content-type mishandling in Kernel/Modules/PictureUpload.pm.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

8

Patches

Vulnerability mechanics

References

5

News mentions

0

No linked articles in our index yet.