VYPR
Unrated severityNVD Advisory· Published Mar 21, 2022· Updated Sep 17, 2024

Possible XSS attack via translation

CVE-2022-0475

Description

Malicious translator is able to inject JavaScript code in few translatable strings (where HTML is allowed). The code could be executed in the Package manager. This issue affects: OTRS AG OTRS 7.0.x version: 7.0.32 and prior versions, 8.0.x version: 8.0.19 and prior versions.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

2
  • OTRS/Otrsllm-fuzzy2 versions
    7.0.x <= 7.0.32; 8.0.x <= 8.0.19+ 1 more
    • (no CPE)range: 7.0.x <= 7.0.32; 8.0.x <= 8.0.19
    • (no CPE)range: 7.0.x

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.