CVE Vulnerabilities

CVE-2005-3895

Published: Nov 29, 2005 | Modified: Jul 20, 2017
CVSS 3.x: N/A
Source: NVD
CVSS 2.x: 5.8 MEDIUM (AV:N/AC:M/Au:N/C:P/I:P/A:N)

Open Ticket Request System (OTRS) 1.0.0 through 1.3.2 and 2.0.0 through 2.0.3, when AttachmentDownloadType is set to inline, renders text/html e-mail attachments as HTML in the browser when the queue moderator attempts to download the attachment, which allows remote attackers to execute arbitrary web script or HTML. NOTE: this particular issue is referred to as XSS by some sources.

Affected Software

Name  Vendor  Start Version  End Version
Otrs  Otrs    2.0.3          2.0.3
Otrs  Otrs    2.0.0          2.0.0
Otrs  Otrs    1.3.2          1.3.2
Otrs  Otrs    1.0.0          1.0.0
Otrs  Otrs    2.0.2          2.0.2
Otrs  Otrs    2.0.1          2.0.1

References