[Bug 1203130] VUL-0: CVE-2022-39049: otrs: An attacker who is logged into OTRS as an admin user may manipulate the URL to cause execution of JavaScript in the context of OTRS.

http://bugzilla.opensuse.org/show_bug.cgi?id=1203130 http://bugzilla.opensuse.org/show_bug.cgi?id=1203130#c2 Christian Wittmer changed: What |Removed |Added ---------------------------------------------------------------------------- Status|NEW |RESOLVED CC| |thomas.leroy@suse.com Resolution|--- |WONTFIX Flags| |needinfo?(thomas.leroy@suse | |.com) --- Comment #2 from Christian Wittmer --- OTRS Community is EOL hence there won't be any fixes anymore. Kindly switch to OTOBO ( https://otobo.de/en/community/ ): http://download.opensuse.org/repositories/Application:/ITS:/otobo/ -- You are receiving this mail because: You are on the CC list for the bug.