Improper handling of uploaded inline images
Description
Due to improper handling of uploaded images it is possible, in very unlikely and rare conditions, to force the agent's browser to execute malicious JavaScript from a specially crafted SVG file rendered as an inline jpg file. This issue affects: ((OTRS)) Community Edition 5.0.x version 5.0.39 and prior versions; 6.0.x version 6.0.24 and prior versions; OTRS 7.0.x version 7.0.13 and prior versions.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Improper handling of uploaded images in OTRS allows cross-site scripting (XSS) via a crafted SVG file rendered as inline jpg in very rare conditions.
Vulnerability
Due to improper handling of uploaded images, a specially crafted SVG file rendered as an inline jpg file can force an agent's browser to execute malicious JavaScript. This affects ((OTRS)) Community Edition 5.0.x up to 5.0.39, 6.0.x up to 6.0.24, and OTRS 7.0.x up to 7.0.13 [1].
Exploitation
An attacker with valid agent credentials (privilege required) can upload a crafted SVG file disguised as a jpg. The attack requires user interaction (the agent must view the inline image) and is considered very unlikely and rare due to specific conditions needed [1].
Impact
Successful exploitation allows the attacker to execute arbitrary JavaScript in the context of the agent's browser. This can lead to minor integrity impact (modification of some data) but not confidentiality or availability loss, as reflected by a CVSS v3.1 score of 3.5 (Low) [1].
Mitigation
The fixed versions are OTRS 7.0.14, ((OTRS)) Community Edition 6.0.25, and ((OTRS)) Community Edition 5.0.40. Patches are available via GitHub commits [1]. Upgrade to these versions to mitigate the vulnerability.
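The root cause described above is a mismatch between what an upload claims to be (a jpg to be rendered inline) and what its bytes actually are (SVG, which is XML and can carry script). A defender-side check that trusts the bytes rather than the declared type is the usual control for this class of bug. The following Python is an added illustration written for this page; it is not OTRS code and does not reproduce the OTRS fix. The signature table, the `validate_inline_image` function and the sample uploads are all constructed for the example.

```python
import re

# Magic-byte signatures of raster formats that are safe to render inline.
# Constructed table for this example; extend for other raster formats you accept.
RASTER_SIGNATURES = {
    "image/jpeg": (b"\xff\xd8\xff",),
    "image/png": (b"\x89PNG\r\n\x1a\n",),
    "image/gif": (b"GIF87a", b"GIF89a"),
}

# Matches an SVG document start: optional XML declaration and DOCTYPE, then <svg.
SVG_START = re.compile(
    rb"^\s*(?:<\?xml[^>]*>\s*)?(?:<!DOCTYPE[^>]*>\s*)?<svg\b", re.I | re.S
)


def sniff_raster_type(data: bytes):
    """Return the raster MIME type matching the leading bytes, or None."""
    for mime, signatures in RASTER_SIGNATURES.items():
        if any(data.startswith(sig) for sig in signatures):
            return mime
    return None


def looks_like_svg(data: bytes) -> bool:
    """True if the content is an SVG document regardless of its declared type."""
    head = data[3:] if data.startswith(b"\xef\xbb\xbf") else data  # drop UTF-8 BOM
    return SVG_START.match(head[:1024]) is not None


def validate_inline_image(declared_type: str, data: bytes) -> dict:
    """Decide whether an upload may be served as an inline image.

    The declared type (from the client) is never used to pick the response
    Content-Type; only the sniffed bytes are. Anything that is not a known
    raster format is rejected for inline rendering, with SVG called out
    explicitly because it is the case this advisory describes.
    """
    actual = sniff_raster_type(data)
    if actual is None:
        reason = "svg_disguised_as_raster" if looks_like_svg(data) else "not_a_raster_image"
        return {"verdict": "reject", "reason": reason, "content_type": None, "headers": {}}
    return {
        "verdict": "accept",
        "reason": "declared_type_mismatch" if declared_type != actual else "ok",
        "content_type": actual,
        # nosniff stops the browser from second-guessing the type we verified.
        "headers": {
            "Content-Type": actual,
            "X-Content-Type-Options": "nosniff",
            "Content-Disposition": "inline",
        },
    }


# Constructed sample uploads (not real files from the advisory).
SAMPLE_JPEG = b"\xff\xd8\xff\xe0\x00\x10JFIF\x00\x01" + b"\x00" * 16
SAMPLE_PNG = b"\x89PNG\r\n\x1a\n" + b"\x00" * 16
SAMPLE_SVG = (
    b'<?xml version="1.0" encoding="UTF-8"?>\n'
    b'<svg xmlns="http://www.w3.org/2000/svg" width="1" height="1"><rect/></svg>'
)

if __name__ == "__main__":
    for label, declared, blob in [
        ("real jpg", "image/jpeg", SAMPLE_JPEG),
        ("png labelled jpg", "image/jpeg", SAMPLE_PNG),
        ("svg labelled jpg", "image/jpeg", SAMPLE_SVG),
        ("plain text", "image/jpeg", b"hello"),
    ]:
        result = validate_inline_image(declared, blob)
        print(f"{label:18s} -> {result['verdict']:6s} ({result['reason']})")
```

The check runs at upload time and again at serve time if stored attachments can be edited; it deliberately rejects any SVG for inline display, since sanitising SVG is error-prone. If SVG uploads must be kept, serve them as a download (`Content-Disposition: attachment`) or from a separate origin so that any script they contain cannot run in the agent's session.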
AI Insight generated on May 26, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected products
Affected products (8)
- OSV coordinates (5 versions):
  - pkg:rpm/opensuse/otrs&distro=openSUSE%20Leap%2015.1 (no CPE), range: < 5.0.42-bp151.3.3.1
  - pkg:rpm/opensuse/otrs&distro=openSUSE%20Leap%2015.2 (no CPE), range: < 6.0.29-bp152.2.5.4
  - pkg:rpm/suse/otrs&distro=SUSE%20Package%20Hub%2015 (no CPE), range: < 5.0.42-bp151.3.3.1
  - pkg:rpm/suse/otrs&distro=SUSE%20Package%20Hub%2015%20SP1 (no CPE), range: < 5.0.42-bp151.3.3.1
  - pkg:rpm/suse/otrs&distro=SUSE%20Package%20Hub%2015%20SP2 (no CPE), range: < 6.0.29-bp152.2.5.4
- OTRS AG / ((OTRS)) Community Edition, v5, range: 5.0.x version 5.0.39 and prior versions
Patches
No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
References (6)
- lists.opensuse.org/opensuse-security-announce/2020-04/msg00038.html (mitre, vendor-advisory)
- lists.opensuse.org/opensuse-security-announce/2020-09/msg00066.html (mitre, vendor-advisory)
- lists.opensuse.org/opensuse-security-announce/2020-09/msg00077.html (mitre, vendor-advisory)
- lists.debian.org/debian-lts-announce/2020/01/msg00027.html (mitre, mailing-list)
- lists.debian.org/debian-lts-announce/2023/08/msg00040.html (mitre, mailing-list)
- otrs.com/release-notes/otrs-security-advisory-2020-02/ (mitre)
News mentions
No linked articles in our index yet.