Skip to main content

Faq

3 CVEs product

Monthly

CVE-2021-21438 MEDIUM This Month

Agents are able to see linked FAQ articles without permissions (defined in FAQ Category). Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Privilege Escalation Faq Otrs
NVD
CVSS 3.1
4.3
EPSS
0.6%
CVE-2016-5843 CRITICAL PATCH Act Now

Multiple SQL injection vulnerabilities in the FAQ package 2.x before 2.3.6, 4.x before 4.0.5, and 5.x before 5.0.5 in Open Ticket Request System (OTRS) allow remote attackers to execute arbitrary SQL. Rated critical severity (CVSS 9.4), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

SQLi Faq
NVD GitHub
CVSS 3.0
9.4
EPSS
1.0%
CVE-2012-1646 MEDIUM PATCH This Month

Multiple cross-site scripting (XSS) vulnerabilities in the FAQ module 6.x-1.x before 6.x-1.13 and 7.x-1.x-rc1 for Drupal allow remote authenticated users to inject arbitrary web script or HTML via. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable.

XSS Faq
NVD
CVSS 2.0
4.3
EPSS
0.7%
EPSS 1% CVSS 4.3
MEDIUM This Month

Agents are able to see linked FAQ articles without permissions (defined in FAQ Category). Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Privilege Escalation Faq Otrs
NVD
EPSS 1% CVSS 9.4
CRITICAL PATCH Act Now

Multiple SQL injection vulnerabilities in the FAQ package 2.x before 2.3.6, 4.x before 4.0.5, and 5.x before 5.0.5 in Open Ticket Request System (OTRS) allow remote attackers to execute arbitrary SQL. Rated critical severity (CVSS 9.4), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

SQLi Faq
NVD GitHub
EPSS 1% CVSS 4.3
MEDIUM PATCH This Month

Multiple cross-site scripting (XSS) vulnerabilities in the FAQ module 6.x-1.x before 6.x-1.13 and 7.x-1.x-rc1 for Drupal allow remote authenticated users to inject arbitrary web script or HTML via. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable.

XSS Faq
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy