CVE-2024-43445 - OTRS MIME Type Inference XSS Vulnerability

CVE ID : CVE-2024-43445 Published : Jan. 27, 2025, 6:15 a.m. | 29 minutes ago Description : A vulnerability exists in OTRS and ((OTRS Community Edition)) that fail to set the HTTP response header X-Content-Type-Options to nosniff. An attacker could exploit this vulnerability by uploading or inserting content that would be treated as a different MIME type than intended. This issue affects: * OTRS 7.0.X * OTRS 8.0.X * OTRS 2023.X * OTRS 2024.X * ((OTRS)) Community Edition: 6.0.x Products based on the ((OTRS)) Community Edition also very likely to be affected Severity: 5.4 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Autor

Jan 27, 2025 - 07:46

0 1

CVE-2024-43445 - OTRS MIME Type Inference XSS Vulnerability

CVE ID : CVE-2024-43445
Published : Jan. 27, 2025, 6:15 a.m. | 29 minutes ago
Description : A vulnerability exists in OTRS and ((OTRS Community Edition)) that fail to set the HTTP response header X-Content-Type-Options to nosniff. An attacker could exploit this vulnerability by uploading or inserting content that would be treated as a different MIME type than intended. This issue affects: * OTRS 7.0.X * OTRS 8.0.X * OTRS 2023.X * OTRS 2024.X * ((OTRS)) Community Edition: 6.0.x Products based on the ((OTRS)) Community Edition also very likely to be affected
Severity: 5.4 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

CVE-2024-43445 - OTRS MIME Type Inference XSS Vulnerability

Tags:

Verwandte Beiträge

Follow Us

Popular Posts

Recommended Posts

Popular Tags