CVE-2013-2637 SUSE CVE security@suse.de SUSE Security Team SUSE CVE-2013-2637 Interim 1 10 2023-12-08T02:39:12Z current 2021-05-30T13:12:28Z 2023-12-08T02:39:12Z cve-database/bin/generate-cvrf-cve.pl 2020-12-27T01:00:00Z CVE-2013-2637 A Cross-Site Scripting (XSS) Vulnerability exists in OTRS ITSM prior to 3.2.4, 3.1.8, and 3.0.7 and FAQ prior to 2.1.4 and 2.0.8 via changes, workorder items, and FAQ articles, which could let a remote malicious user execute arbitrary code. The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). https://www.suse.com/support/security/rating/ SUSE Security Ratings openSUSE Tumbleweed otrs-3.3.16-37.1 otrs-doc-3.3.16-37.1 otrs-itsm-3.3.14-37.1 otrs-3.3.16-37.1 as a component of openSUSE Tumbleweed otrs-doc-3.3.16-37.1 as a component of openSUSE Tumbleweed otrs-itsm-3.3.14-37.1 as a component of openSUSE Tumbleweed A Cross-Site Scripting (XSS) Vulnerability exists in OTRS ITSM prior to 3.2.4, 3.1.8, and 3.0.7 and FAQ prior to 2.1.4 and 2.0.8 via changes, workorder items, and FAQ articles, which could let a remote malicious user execute arbitrary code. CVE-2013-2637 openSUSE Tumbleweed:otrs-3.3.16-37.1 openSUSE Tumbleweed:otrs-doc-3.3.16-37.1 openSUSE Tumbleweed:otrs-itsm-3.3.14-37.1 moderate 4.3 AV:N/AC:M/Au:N/C:N/I:P/A:N 6.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N