LOW · CVE-2022-0473 · CVSS 3.8

Dynamic field error message is vulnerable to XSS


Platform

otrs

Component

otrs

Fixed in

7.0.32

AI Confidence: high · NVD · EPSS 0.4% · Reviewed: May 2026

CVE-2022-0473 describes a cross-site scripting (XSS) vulnerability in OTRS versions 7.0.0 through 7.0.31. This vulnerability allows an attacker to inject malicious JavaScript code into the error message of a regular expression check within dynamic fields. Exploitation requires administrator privileges and can lead to code execution within the administrator's browser session. A patch is available to resolve this issue.

Impact and Attack Scenarios

Successful exploitation of CVE-2022-0473 could allow an attacker to execute arbitrary JavaScript code in the context of an OTRS administrator's browser. This could lead to session hijacking, credential theft, or defacement of the OTRS interface. The attacker could potentially gain access to sensitive data stored within OTRS, including customer information, support tickets, and internal communications. While the CVSS score is LOW, the potential for administrator account compromise makes this a significant risk, particularly in environments where OTRS is used to manage critical business processes.

Exploitation Context

CVE-2022-0473 was publicly disclosed on February 7, 2022. No public proof-of-concept (PoC) code has been widely reported. The vulnerability's LOW severity rating and lack of public exploits suggest a low probability of active exploitation at this time. It is not listed on the CISA KEV catalog.

Who Is at Risk

Organizations using OTRS for customer support or IT service management are at risk, particularly those relying on OTRS administrators with broad privileges. Environments with custom dynamic field configurations or legacy OTRS installations are especially vulnerable.

Detection Steps

• otrs: Examine OTRS dynamic field configurations for suspicious regular expressions or unusual characters.

# Example: search OTRS files for alert() calls and inline script tags
# (-l -Z emits NUL-terminated file names so xargs -0 handles paths with spaces)
# Note: OTRS keeps dynamic field definitions in the database (dynamic_field table),
# so review them there as well; a file-system grep only covers files on disk.
grep -rlZ 'alert(' /opt/otrs/ | xargs -0 grep -il '<script'

• generic web: Monitor OTRS access logs for unusual requests containing JavaScript code in dynamic field parameters.

# Example: search the web server access log for JavaScript indicators, raw or URL-encoded
grep -iE 'alert(\(|%28)|<script|%3Cscript' /var/log/apache2/access.log
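As an added example (not from the advisory or from OTRS itself), a Python helper that generalizes the grep above: it parses Apache combined-format access log lines, URL-decodes each query parameter, and flags script indicators only in requests to the dynamic-field admin screens. The action and parameter names in the constructed sample log are assumptions, not OTRS's real ones.

```python
import re
from urllib.parse import unquote_plus

# Constructed sample lines in Apache combined log format (not real traffic).
# The admin action and parameter names are illustrative assumptions, not OTRS's real ones.
SAMPLE_ACCESS_LOG = """\
10.0.0.5 - - [07/Feb/2022:10:01:02 +0000] "GET /otrs/index.pl?Action=AgentTicketZoom;TicketID=42 HTTP/1.1" 200 5120 "-" "Mozilla/5.0"
10.0.0.9 - admin [07/Feb/2022:10:02:17 +0000] "GET /otrs/index.pl?Action=AdminDynamicFieldText;RegEx=%5E%5Cd%2B%24;RegExErrorMessage=%3Cscript%3Ealert%281%29%3C%2Fscript%3E HTTP/1.1" 200 4200 "-" "Mozilla/5.0"
10.0.0.9 - admin [07/Feb/2022:10:03:44 +0000] "GET /otrs/index.pl?Action=AdminDynamicFieldText;RegEx=%5E%5Cd%2B%24;RegExErrorMessage=Please+enter+digits+only HTTP/1.1" 200 4200 "-" "Mozilla/5.0"
10.0.0.7 - - [07/Feb/2022:10:05:01 +0000] "GET /otrs/customer.pl?Action=CustomerTicketSearch;Subject=%3Cscript%3E HTTP/1.1" 200 3100 "-" "Mozilla/5.0"
"""

# Fields of the combined log format that the detection needs.
LOG_RE = re.compile(r'^(?P<ip>\S+) \S+ (?P<user>\S+) \[(?P<ts>[^\]]+)\] "(?P<method>\S+) (?P<path>\S+) [^"]*"')
# Coarse script-injection indicators, applied only after URL decoding.
XSS_RE = re.compile(r'<\s*script|javascript\s*:|\bon[a-z]+\s*=|alert\s*\(', re.I)

def parse_query(path):
    """Split an OTRS-style query string (';' or '&' separated) into decoded (key, value) pairs."""
    _, _, query = path.partition('?')
    pairs = []
    for part in re.split(r'[;&]', query):
        if part:
            key, _, value = part.partition('=')
            pairs.append((unquote_plus(key), unquote_plus(value)))
    return pairs

def find_xss_requests(log_text, action_prefix='AdminDynamicField'):
    """Return one record per request parameter whose decoded value carries an XSS indicator."""
    # action_prefix limits the scan to the dynamic-field admin screens; pass '' to scan every request.
    # Only the logged request line is inspected: POST bodies are absent from standard access logs.
    hits = []
    for line in log_text.splitlines():
        m = LOG_RE.match(line)
        if not m:
            continue
        params = parse_query(m['path'])
        action = dict(params).get('Action', '')
        if action_prefix and not action.startswith(action_prefix):
            continue
        for key, value in params:
            found = XSS_RE.search(value)
            if found:
                hits.append({'ip': m['ip'], 'user': m['user'], 'time': m['ts'], 'action': action,
                             'param': key, 'indicator': found.group(0), 'value': value})
    return hits
```

On the sample log, `find_xss_requests(SAMPLE_ACCESS_LOG)` returns the single admin request whose error-message parameter decodes to a script tag; the benign regex `^\d+$` and the plain-text message are not flagged.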

Attack Timeline

  1. Disclosure

Threat Intelligence

Exploit Status

Proof of Concept: Unknown
CISA KEV: No
Internet exposure: High

EPSS

0.36% (58th percentile)

CVSS Vector

THREAT INTELLIGENCE · CVSS 3.1

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:N
Base score: 3.8 (LOW)

Attack Vector: Network (how the attacker reaches the target)
Attack Complexity: Low (conditions required to exploit)
Privileges Required: High (authentication level required for the attack)
User Interaction: None (whether the victim must take action)
Scope: Unchanged (impact beyond the affected component)
Confidentiality: Low (risk of exposure of sensitive data)
Integrity: Low (risk of unauthorized data modification)
Availability: None (risk of service disruption)

Source: nextguardhq.com · CVSS v3.1 Base Score
What do these metrics mean?
Attack Vector
Network: exploitable remotely over the internet. No physical or local access required.
Attack Complexity
Low: no special conditions required. Reliably exploitable.
Privileges Required
High: an administrator or privileged account is required.
User Interaction
None: automatic and silent attack. The victim does nothing.
Scope
Unchanged: impact limited to the vulnerable component.
Confidentiality
Low: partial access to some data.
Integrity
Low: the attacker can modify some data to a limited extent.
Availability
None: no availability impact.

Affected Software

Component: otrs
Vendor: OTRS AG
Affected range: 7.0.x – 7.0.31
Fixed in: 7.0.32

Weakness Classification (CWE)

Timeline

  1. Reserved
  2. Published
  3. Modified
  4. EPSS updated
No patch: 1567 days after disclosure

Mitigation and Workarounds

The primary mitigation for CVE-2022-0473 is to upgrade to a patched version of OTRS. Consult the official OTRS advisory for the specific version containing the fix. As a temporary workaround, administrators should carefully review and validate all dynamic field configurations, paying close attention to regular expression checks. Implement strict input validation and sanitization on all user-supplied data used in dynamic fields. Consider using a Web Application Firewall (WAF) with XSS filtering rules to block malicious payloads.

How to Remediate

Update OTRS to a version later than 7.0.31. This fixes the XSS vulnerability in the error messages of dynamic fields.


Frequently Asked Questions

What is CVE-2022-0473 — XSS in OTRS?

CVE-2022-0473 is a cross-site scripting (XSS) vulnerability in OTRS versions 7.0.0–7.0.31 that allows attackers to inject malicious JavaScript code.

Am I affected by CVE-2022-0473 in OTRS?

You are affected if you are running OTRS versions 7.0.0 through 7.0.31 and have not upgraded to a patched version.

How do I fix CVE-2022-0473 in OTRS?

Upgrade to a patched version of OTRS. Consult the official OTRS advisory for the specific version containing the fix.

Is CVE-2022-0473 being actively exploited?

There are no widespread reports of active exploitation, but the vulnerability remains a potential risk.

Where can I find the official OTRS advisory for CVE-2022-0473?

Refer to the official OTRS security advisory for details: [https://otrs.com/security-advisories/otrs-security-advisory-2022-0473/](https://otrs.com/security-advisories/otrs-security-advisory-2022-0473/)
