CVE-2007-2524

OTRS 2.0.x - Cross-Site Scripting via Subaction Parameter

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for CVE-2007-2524. PoCs published by ciri.

AI-analyzed exploit summary The provided text describes a cross-site scripting (XSS) vulnerability in OTRS 2.0.4, where user-supplied input is not properly sanitized. The example URL demonstrates how an attacker could inject arbitrary script code via the 'Subaction' parameter.

Description

Cross-site scripting (XSS) vulnerability in index.pl in Open Ticket Request System (OTRS) 2.0.x allows remote attackers to inject arbitrary web script or HTML via the Subaction parameter in an AgentTicketMailbox Action. NOTE: DEBIAN:DSA-1299 originally used this identifier for an ipsec-tools issue, but the proper identifier for the ipsec-tools issue is CVE-2007-1841.

Exploits (1)

exploitdb WRITEUP VERIFIED
by ciri · textwebappscgi
https://www.exploit-db.com/exploits/29962

The provided text describes a cross-site scripting (XSS) vulnerability in OTRS 2.0.4, where user-supplied input is not properly sanitized. The example URL demonstrates how an attacker could inject arbitrary script code via the 'Subaction' parameter.

Classification
Writeup 90%
Attack Type
Xss
Complexity
Trivial
Reliability
Theoretical
Target: OTRS 2.0.4
No auth needed
Prerequisites: Access to a vulnerable OTRS instance · Ability to craft a malicious URL
MITRE ATT&CK
mistral-large-3 · analyzed Feb 16, 2026 Full analysis →

References (14)

Core 14
Core References
Third Party Advisory vdb-entry x_refsource_vupen
http://www.vupen.com/english/advisories/2007/1698
Exploit, Vendor Advisory x_refsource_misc
http://www.virtuax.be/?page=library&id=35&type=Exploits
Third Party Advisory, VDB Entry mailing-list x_refsource_bugtraq
http://www.securityfocus.com/archive/1/471192/100/0/threaded
Third Party Advisory, VDB Entry vdb-entry x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/34164
Exploit vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/23862
Vendor Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/25205
Third Party Advisory, VDB Entry vdb-entry x_refsource_osvdb
http://osvdb.org/35822
Third Party Advisory vendor-advisory x_refsource_debian
http://www.debian.org/security/2007/dsa-1298
Third Party Advisory third-party-advisory x_refsource_sreason
http://securityreason.com/securityalert/2668
Vendor Advisory vendor-advisory x_refsource_suse
http://www.novell.com/linux/security/advisories/2007_13_sr.html
Third Party Advisory, VDB Entry mailing-list x_refsource_bugtraq
http://www.securityfocus.com/archive/1/467870/100/0/threaded
Vendor Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/25787
Vendor Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/25419
Third Party Advisory, VDB Entry vdb-entry x_refsource_osvdb
http://osvdb.org/35821

Scores

EPSS 0.0454
EPSS Percentile 90.5%

Details

CWE
CWE-79
Status published
Products (1)
otrs/otrs 2.0.4
Published May 08, 2007
Tracked Since Feb 18, 2026