Security Advisory 2011-01 – Several XSS attacks possible



April 04, 2011 — Please read carefully and check whether the version of your OTRS system is affected by this vulnerability.

Security Advisory Details

  • Date: Apr 04, 2011
  • Title: Several XSS attacks possible
  • Severity: Less Critical
  • Affected:
    – OTRS Help Desk 2.4.x, 3.0.x
  • Fixed in:
    – OTRS Help Desk 2.4.10, 3.0.7
  • URL:
  • CVE: CVE-2011-1518

Vulnerability Description

This Advisory covers vulnerabilities discovered in the OTRS core system.

Several XSS attacks possible

  • An attacker could trick a logged-in user into following a prepared URL pointing into the OTRS system. The resulting page may include attacker-supplied JavaScript, because the value taken from the request was not escaped correctly when the HTML page was generated (reflected cross-site scripting).
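
The escaping defect described above, as an added illustration that is not OTRS code and not one of its DTL templates: a minimal Python stand-in for an error page that reflects a request parameter taken from a prepared URL. The parameter name "Message", the URL and the template strings are constructed assumptions. Because the affected file list also contains a JavaScript footer template, the example shows that the escaping must match the output context: HTML entity escaping is the right fix inside the page body, but a value written into a script string needs JavaScript string escaping instead.

```python
"""Reflected XSS through an unescaped error message, and the fix.

Added illustration, not OTRS code. A minimal stand-in for an error
template that interpolates a request parameter into the generated page.
The parameter name 'Message', the URL and the templates are assumptions.
"""
import html
import json
from urllib.parse import parse_qs, urlsplit

# Constructed "prepared URL" of the kind the advisory describes: the
# attacker controls the message that is reflected on the error page.
PREPARED_URL = (
    "http://otrs.example/otrs/index.pl?Action=AgentTicketZoom"
    "&Message=%3Cscript%3Ealert(document.cookie)%3C/script%3E"
)

# HTML body context (stand-in for an Error/Warning template).
ERROR_TEMPLATE_HTML = '<div class="Error"><p>{message}</p></div>'
# JavaScript string context (stand-in for a footer script template).
ERROR_TEMPLATE_JS = '<script>var lastError = "{message}";</script>'


def message_from_url(url: str) -> str:
    """Extract the attacker-controlled parameter from the prepared URL."""
    query = parse_qs(urlsplit(url).query)
    return query.get("Message", [""])[0]


def render_vulnerable(message: str) -> str:
    """Pre-fix behaviour: raw interpolation, so markup in the value runs."""
    return ERROR_TEMPLATE_HTML.format(message=message)


def render_fixed_html(message: str) -> str:
    """HTML body/attribute context: escape &, <, >, " and '."""
    return ERROR_TEMPLATE_HTML.format(message=html.escape(message, quote=True))


def render_fixed_js(message: str) -> str:
    """JavaScript string context. HTML entity escaping is wrong here: the
    browser does not decode entities inside <script>. json.dumps gives a
    valid JS string literal; '<' and '/' are escaped as well so the value
    can never contain a literal '</script>' that closes the tag."""
    literal = json.dumps(message)[1:-1]  # drop json's surrounding quotes
    literal = literal.replace("<", "\\u003c").replace("/", "\\/")
    return ERROR_TEMPLATE_JS.format(message=literal)


def contains_active_markup(page: str, payload: str) -> bool:
    """Does the payload appear verbatim, i.e. would the browser parse it
    as markup instead of text? Used as the check on each rendering."""
    return payload in page


if __name__ == "__main__":
    msg = message_from_url(PREPARED_URL)
    print("vulnerable:", render_vulnerable(msg))
    print("fixed html:", render_fixed_html(msg))
    print("fixed js:  ", render_fixed_js(msg))
```

Running the block prints the three renderings; only the first contains the raw <script> element. A template engine that escapes every interpolated value by default removes the need to remember the call in each template, which is the class of mistake the file list above reflects.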


Recommended Resolution

Affected by this vulnerability are all releases of OTRS 2.4.x up to and including 2.4.9, as well as all 3.0.x versions up to and including 3.0.6. This vulnerability is fixed in OTRS 2.4.10 and OTRS 3.0.7, and it is recommended to upgrade to one of these versions.

Fixed OTRS releases can be found at:

Here is detailed information about the required changes:


As a workaround it is also possible to replace the following files with a fixed version.

OTRS 2.4.x:

  • Kernel/Output/HTML/Standard/Warning.dtl
  • Kernel/Output/HTML/Standard/Error.dtl
  • Kernel/Output/HTML/Standard/CustomerError.dtl
  • Kernel/Output/HTML/Lite/Warning.dtl
  • Kernel/Output/HTML/

OTRS 3.0.x:

  • Kernel/Output/HTML/Standard/CustomerError.dtl
  • Kernel/Output/HTML/Standard/CustomerFooter.dtl
  • Kernel/Output/HTML/Standard/CustomerWarning.dtl
  • Kernel/Output/HTML/Standard/CustomerTicketSearchResultShort.dtl
  • Kernel/Output/HTML/Standard/FooterJS.dtl
  • Kernel/Output/HTML/Standard/Error.dtl
  • Kernel/Output/HTML/Standard/Warning.dtl
  • Kernel/Output/HTML/ 1.351.2.5

However, to avoid unwanted side effects, we recommend a complete update.

Also available on

Please send information regarding vulnerabilities in OTRS to

Many thanks to Szymon Sobczyk for discovering and reporting this vulnerability.