{"document":{"aggregate_severity":{"namespace":"https://www.suse.com/support/security/rating/","text":"low"},"category":"csaf_vex","csaf_version":"2.0","distribution":{"text":"Copyright 2024 SUSE LLC. All rights reserved.","tlp":{"label":"WHITE","url":"https://www.first.org/tlp/"}},"lang":"en","notes":[{"category":"summary","text":"SUSE CVE-2019-9751","title":"Title"},{"category":"description","text":"An issue was discovered in Open Ticket Request System (OTRS) 6.x before 6.0.17 and 7.x before 7.0.5. An attacker who is logged into OTRS as an admin user may manipulate the URL to cause execution of JavaScript in the context of OTRS. This is related to Kernel/Output/Template/Document.pm.","title":"Description of the CVE"},{"category":"legal_disclaimer","text":"CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).","title":"Terms of use"}],"publisher":{"category":"vendor","contact_details":"https://www.suse.com/support/security/contact/","name":"SUSE Product Security Team","namespace":"https://www.suse.com/"},"references":[{"category":"external","summary":"CVE-2019-9751","url":"https://www.suse.com/security/cve/CVE-2019-9751"},{"category":"external","summary":"SUSE Security Ratings","url":"https://www.suse.com/support/security/rating/"},{"category":"external","summary":"SUSE Bug 1129755 for CVE-2019-9751","url":"https://bugzilla.suse.com/1129755"}],"title":"SUSE CVE CVE-2019-9751","tracking":{"current_release_date":"2025-02-17T07:48:18Z","generator":{"date":"2023-02-15T04:14:21Z","engine":{"name":"cve-database.git:bin/generate-csaf-vex.pl","version":"1"}},"id":"CVE-2019-9751","initial_release_date":"2023-02-15T04:14:21Z","revision_history":[{"date":"2023-02-15T04:14:21Z","number":"2","summary":"Current version"},{"date":"2025-01-01T06:40:54Z","number":"3","summary":"Current version"},{"date":"2025-02-15T07:22:48Z","number":"4","summary":"Current version"},{"date":"2025-02-17T07:48:18Z","number":"5","summary":"Current version"}],"status":"interim","version":"5"}}}