2017-05-05
ALT-BU-2017-3097-1
Branch sisyphus update bulletin.
Package gvfs-shares updated to version 1.2-alt1 for branch sisyphus in task 182460.
Closed bugs
Неработоспособен, т.к. нет gvfs-mount
Closed vulnerabilities
Published: 2017-02-17
Modified: 2024-11-21
Modified: 2024-11-21
CVE-2016-9139
Cross-site scripting (XSS) vulnerability in Open Ticket Request System (OTRS) 3.3.x before 3.3.16, 4.0.x before 4.0.19, and 5.0.x before 5.0.14 allows remote attackers to inject arbitrary web script or HTML via a crafted attachment.
Severity: MEDIUM (6.1)
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
References:
Published: 2019-05-22
Modified: 2024-11-21
Modified: 2024-11-21
CVE-2019-10066
An issue was discovered in Open Ticket Request System (OTRS) 7.x through 7.0.6, Community Edition 6.0.x through 6.0.17, and OTRSAppointmentCalendar 5.0.x through 5.0.12. An attacker who is logged into OTRS as an agent with appropriate permissions may create a carefully crafted calendar appointment in order to cause execution of JavaScript in the context of OTRS.
Severity: MEDIUM (5.4)
Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N
References: