{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2026-48209", "assignerOrgId": "2e1bf29f-dc29-4ed8-830c-7b9348b6f0e8", "state": "PUBLISHED", "assignerShortName": "OTRS", "dateReserved": "2026-05-21T12:12:49.645Z", "datePublished": "2026-06-01T03:32:28.473Z", "dateUpdated": "2026-06-01T13:19:45.357Z"}, "containers": {"cna": {"affected": [{"defaultStatus": "unaffected", "product": "OTRS", "vendor": "OTRS AG", "versions": [{"status": "affected", "version": "7.0.x"}]}, {"defaultStatus": "affected", "product": "((OTRS)) Community Edition", "vendor": "OTRS AG", "versions": [{"status": "affected", "version": "6.x"}]}], "credits": [{"lang": "en", "type": "finder", "value": "Special thanks to William Bastos (@chor4o) for reporting this vulnerability"}], "datePublic": "2026-06-01T07:00:00.000Z", "descriptions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "<div>An improper neutralization of user-controllable input in OTRS or ((OTRS)) Community Edition ticket handling allows authenticated attackers to perform reflected cross-site scripting (XSS) attacks via crafted request parameters associated with ticket actions. By injecting malicious JavaScript into manipulated request URLs, attackers can execute arbitrary script code in the context of an authenticated agent session when the crafted link is opened.</div><div><br></div><div><p>This issue affects OTRS:</p><ul><li>7.0.x</li></ul>Please note that ((OTRS)) Community Edition 6.x and before are vulnerable. Products based on the ((OTRS)) Community Edition also very likely to be affected<br></div><div><br></div><div><br></div>"}], "value": "An improper neutralization of user-controllable input in OTRS or ((OTRS)) Community Edition ticket handling allows authenticated attackers to perform reflected cross-site scripting (XSS) attacks via crafted request parameters associated with ticket actions. By injecting malicious JavaScript into manipulated request URLs, attackers can execute arbitrary script code in the context of an authenticated agent session when the crafted link is opened.\n\nThis issue affects OTRS:\n\n * 7.0.x\n\nPlease note that ((OTRS)) Community Edition 6.x and before are vulnerable. Products based on the ((OTRS)) Community Edition also very likely to be affected"}], "impacts": [{"capecId": "CAPEC-63", "descriptions": [{"lang": "en", "value": "CAPEC-63 Cross-Site Scripting (XSS)"}]}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.1, "baseSeverity": "HIGH", "confidentialityImpact": "LOW", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:H/A:N", "version": "3.1"}, "format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "problemTypes": [{"descriptions": [{"cweId": "CWE-79", "description": "CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", "lang": "en", "type": "CWE"}]}, {"descriptions": [{"cweId": "CWE-116", "description": "CWE-116 Improper Encoding or Escaping of Output", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"orgId": "2e1bf29f-dc29-4ed8-830c-7b9348b6f0e8", "shortName": "OTRS", "dateUpdated": "2026-06-01T03:32:28.473Z"}, "references": [{"url": "https://otrs.com/release-notes/otrs-security-advisory-2026-08/"}], "solutions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "Update to latest version of OTRS (2026.4.1. or later). Please note that there will be no OTRS 7 patches<br>"}], "value": "Update to latest version of OTRS (2026.4.1. or later). Please note that there will be no OTRS 7 patches"}], "source": {"advisory": "OSA-2026-08", "defect": ["Ticket#2026052110000287", "Ticket#2026041442001606"], "discovery": "EXTERNAL"}, "title": "Reflected XSS in authenticated agent context", "x_generator": {"engine": "Vulnogram 0.1.0-dev"}}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2026-06-01T13:19:36.979966Z", "id": "CVE-2026-48209", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-06-01T13:19:45.357Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2026-48209", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2026-06-01T13:19:36.979966Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-06-01T13:19:41.513Z"}}], "cna": {"title": "Reflected XSS in authenticated agent context", "source": {"defect": ["Ticket#2026052110000287", "Ticket#2026041442001606"], "advisory": "OSA-2026-08", "discovery": "EXTERNAL"}, "credits": [{"lang": "en", "type": "finder", "value": "Special thanks to William Bastos (@chor4o) for reporting this vulnerability"}], "impacts": [{"capecId": "CAPEC-63", "descriptions": [{"lang": "en", "value": "CAPEC-63 Cross-Site Scripting (XSS)"}]}], "metrics": [{"format": "CVSS", "cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.1, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:H/A:N", "integrityImpact": "HIGH", "userInteraction": "REQUIRED", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "LOW"}, "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "affected": [{"vendor": "OTRS AG", "product": "OTRS", "versions": [{"status": "affected", "version": "7.0.x"}], "defaultStatus": "unaffected"}, {"vendor": "OTRS AG", "product": "((OTRS)) Community Edition", "versions": [{"status": "affected", "version": "6.x"}], "defaultStatus": "affected"}], "solutions": [{"lang": "en", "value": "Update to latest version of OTRS (2026.4.1. or later). Please note that there will be no OTRS 7 patches", "supportingMedia": [{"type": "text/html", "value": "Update to latest version of OTRS (2026.4.1. or later). Please note that there will be no OTRS 7 patches<br>", "base64": false}]}], "datePublic": "2026-06-01T07:00:00.000Z", "references": [{"url": "https://otrs.com/release-notes/otrs-security-advisory-2026-08/"}], "x_generator": {"engine": "Vulnogram 0.1.0-dev"}, "descriptions": [{"lang": "en", "value": "An improper neutralization of user-controllable input in OTRS or ((OTRS)) Community Edition ticket handling allows authenticated attackers to perform reflected cross-site scripting (XSS) attacks via crafted request parameters associated with ticket actions. By injecting malicious JavaScript into manipulated request URLs, attackers can execute arbitrary script code in the context of an authenticated agent session when the crafted link is opened.\n\nThis issue affects OTRS:\n\n * 7.0.x\n\nPlease note that ((OTRS)) Community Edition 6.x and before are vulnerable. Products based on the ((OTRS)) Community Edition also very likely to be affected", "supportingMedia": [{"type": "text/html", "value": "<div>An improper neutralization of user-controllable input in OTRS or ((OTRS)) Community Edition ticket handling allows authenticated attackers to perform reflected cross-site scripting (XSS) attacks via crafted request parameters associated with ticket actions. By injecting malicious JavaScript into manipulated request URLs, attackers can execute arbitrary script code in the context of an authenticated agent session when the crafted link is opened.</div><div><br></div><div><p>This issue affects OTRS:</p><ul><li>7.0.x</li></ul>Please note that ((OTRS)) Community Edition 6.x and before are vulnerable. Products based on the ((OTRS)) Community Edition also very likely to be affected<br></div><div><br></div><div><br></div>", "base64": false}]}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-79", "description": "CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')"}]}, {"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-116", "description": "CWE-116 Improper Encoding or Escaping of Output"}]}], "providerMetadata": {"orgId": "2e1bf29f-dc29-4ed8-830c-7b9348b6f0e8", "shortName": "OTRS", "dateUpdated": "2026-06-01T03:32:28.473Z"}}}, "cveMetadata": {"cveId": "CVE-2026-48209", "state": "PUBLISHED", "dateUpdated": "2026-06-01T13:19:45.357Z", "dateReserved": "2026-05-21T12:12:49.645Z", "assignerOrgId": "2e1bf29f-dc29-4ed8-830c-7b9348b6f0e8", "datePublished": "2026-06-01T03:32:28.473Z", "assignerShortName": "OTRS"}, "dataVersion": "5.2"}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "An improper neutralization of user-controllable input in OTRS or ((OTRS)) Community Edition ticket handling allows authenticated attackers to perform reflected cross-site scripting (XSS) attacks via crafted request parameters associated with ticket actions. By injecting malicious JavaScript into manipulated request URLs, attackers can execute arbitrary script code in the context of an authenticated agent session when the crafted link is opened.\n\nThis issue affects OTRS:\n\n * 7.0.x\n\nPlease note that ((OTRS)) Community Edition 6.x and before are vulnerable. Products based on the ((OTRS)) Community Edition also very likely to be affected"}], "id": "CVE-2026-48209", "lastModified": "2026-06-01T18:12:56.073", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.1, "baseSeverity": "HIGH", "confidentialityImpact": "LOW", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:H/A:N", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 4.2, "source": "security@otrs.com", "type": "Secondary"}]}, "published": "2026-06-01T04:16:23.257", "references": [{"source": "security@otrs.com", "url": "https://otrs.com/release-notes/otrs-security-advisory-2026-08/"}], "sourceIdentifier": "security@otrs.com", "vulnStatus": "Awaiting Analysis", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-79"}, {"lang": "en", "value": "CWE-116"}], "source": "security@otrs.com", "type": "Secondary"}]}

{}