{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-06-27T13:37:31.013","vulnerabilities":[{"cve":{"id":"CVE-2010-4071","sourceIdentifier":"cve@mitre.org","published":"2011-01-20T19:00:05.473","lastModified":"2026-06-16T23:24:04.877","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Cross-site scripting (XSS) vulnerability in AgentTicketZoom in OTRS 2.4.x before 2.4.9, when RichText is enabled, allows remote attackers to inject arbitrary web script or HTML via JavaScript in an HTML e-mail."},{"lang":"es","value":"Vulnerabilidad de ejecución de secuencias de comandos en sitios cruzados (XSS) en AgentTicketZoom para OTRS v2.4.x v2.4.9, cuando RichText está activada, permite a atacantes remotos inyectar secuencias de comandos web o HTML a través de JavaScript en un correo electrónico HTML."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:H/Au:N/C:N/I:P/A:N","baseScore":2.6,"accessVector":"NETWORK","accessComplexity":"HIGH","authentication":"NONE","confidentialityImpact":"NONE","integrityImpact":"PARTIAL","availabilityImpact":"NONE"},"baseSeverity":"LOW","exploitabilityScore":4.9,"impactScore":2.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":true}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-79"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:otrs:otrs:2.4.1:*:*:*:*:*:*:*","matchCriteriaId":"724A9C40-AE96-4AD5-BEB2-6C496F4C361D"},{"vulnerable":true,"criteria":"cpe:2.3:a:otrs:otrs:2.4.2:*:*:*:*:*:*:*","matchCriteriaId":"8AA5A554-016E-4CFB-A809-991B6902C3FA"},{"vulnerable":true,"criteria":"cpe:2.3:a:otrs:otrs:2.4.3:*:*:*:*:*:*:*","matchCriteriaId":"3821A8EF-ED18-49DD-BF52-DFDD982E35C6"},{"vulnerable":true,"criteria":"cpe:2.3:a:otrs:otrs:2.4.4:*:*:*:*:*:*:*","matchCriteriaId":"B41C77DB-BC99-4C50-BD86-FECB44ACF0A8"},{"vulnerable":true,"criteria":"cpe:2.3:a:otrs:otrs:2.4.5:*:*:*:*:*:*:*","matchCriteriaId":"C9D7CBCB-F4B8-4ACC-86C8-E45358F48697"},{"vulnerable":true,"criteria":"cpe:2.3:a:otrs:otrs:2.4.6:*:*:*:*:*:*:*","matchCriteriaId":"CB4EAE42-96BD-4B25-BFCC-6CFBF08F339C"},{"vulnerable":true,"criteria":"cpe:2.3:a:otrs:otrs:2.4.7:*:*:*:*:*:*:*","matchCriteriaId":"A07A35A7-55A5-4E78-98F8-38B1F3D4DA72"},{"vulnerable":true,"criteria":"cpe:2.3:a:otrs:otrs:2.4.8:*:*:*:*:*:*:*","matchCriteriaId":"73932047-8E00-4720-875A-7D414000F23F"}]}]}],"references":[{"url":"http://bugs.gentoo.org/342687","source":"cve@mitre.org"},{"url":"http://lists.opensuse.org/opensuse-security-announce/2010-12/msg00006.html","source":"cve@mitre.org"},{"url":"http://otrs.org/advisory/OSA-2010-03-en/","source":"cve@mitre.org","tags":["Vendor Advisory"]},{"url":"http://secunia.com/advisories/41978","source":"cve@mitre.org","tags":["Vendor Advisory"]},{"url":"http://www.osvdb.org/68882","source":"cve@mitre.org"},{"url":"http://www.vuxml.org/freebsd/96e776c7-e75c-11df-8f26-00151735203a.html","source":"cve@mitre.org"},{"url":"http://bugs.gentoo.org/342687","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"http://lists.opensuse.org/opensuse-security-announce/2010-12/msg00006.html","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"http://otrs.org/advisory/OSA-2010-03-en/","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"]},{"url":"http://secunia.com/advisories/41978","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"]},{"url":"http://www.osvdb.org/68882","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"http://www.vuxml.org/freebsd/96e776c7-e75c-11df-8f26-00151735203a.html","source":"af854a3a-2127-422b-91ae-364da2661108"}]}}]}