1 results (0.002 seconds)
CVSS: 5.4EPSS: 0%CPEs: 1EXPL: 0
CVSS: 5.4EPSS: 0%CPEs: 1EXPL: 0CVE-2021-21442 – XSS vulnerability in Time Accounting
https://notcve.org/view.php?id=CVE-2021-21442
26 Jul 2021 — In the project create screen it's possible to inject malicious JS code to the certain fields. The code might be executed in the Reporting screen. This issue affects: OTRS AG Time Accounting: 7.0.x versions prior to 7.0.19. En la pantalla de creación del proyecto es posible inyectar código JS malicioso en determinados campos. El código puede ser ejecutado en la pantalla de Informes. • https://otrs.com/release-notes/otrs-security-advisory-2021-12 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •