Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
otrs otrs vulnerabilities and exploits
(subscribe to this query)
5
CVSSv2
CVE-2022-32739
When Secure::DisableBanner system configuration has been disabled and agent shares his calendar via public URL, received ICS file contains OTRS release number.
Otrs Calendar Resource Planning
Otrs Otrs
5
CVSSv2
CVE-2022-32741
Attacker is able to determine if the provided username exists (and it's valid) using Request New Password feature, based on the response time.
Otrs Otrs
5
CVSSv2
CVE-2021-36095
Malicious attacker is able to find out valid user logins by using the "lost password" feature. This issue affects: OTRS AG ((OTRS)) Community Edition version 6.0.1 and later versions. OTRS AG OTRS 7.0.x version 7.0.28 and prior versions.
Otrs Otrs
5
CVSSv2
CVE-2021-36093
It's possible to create an email which can be stuck while being processed by PostMaster filters, causing DoS. This issue affects: OTRS AG ((OTRS)) Community Edition 6.0.x version 6.0.1 and later versions. OTRS AG OTRS 7.0.x version 7.0.28 and prior versions; 8.0.x version 8....
Otrs Otrs
5
CVSSv2
CVE-2020-1777
Agent names that participates in a chat conversation are revealed in certain parts of the external interface as well as in chat transcriptions inside the tickets, when system is configured to mask real agent names. This issue affects OTRS; 7.0.21 and prior versions, 8.0.6 and pri...
Otrs Otrs
5
CVSSv2
CVE-2020-1772
It's possible to craft Lost Password requests with wildcards in the Token value, which allows malicious user to retrieve valid Token(s), generated by users which already requested new passwords. This issue affects: ((OTRS)) Community Edition 5.0.41 and prior versions, 6.0.26...
Otrs Otrs
Opensuse Leap 15.1
Opensuse Backports Sle 15.0
Opensuse Leap 15.2
Debian Debian Linux 8.0
5
CVSSv2
CVE-2020-1765
An improper control of parameters allows the spoofing of the from fields of the following screens: AgentTicketCompose, AgentTicketForward, AgentTicketBounce and AgentTicketEmailOutbound. This issue affects: ((OTRS)) Community Edition 5.0.x version 5.0.39 and prior versions; 6.0.x...
Otrs Otrs
Debian Debian Linux 8.0
Opensuse Leap 15.1
Opensuse Backports Sle 15.0
Opensuse Leap 15.2
5
CVSSv2
CVE-2019-18180
Improper Check for filenames with overly long extensions in PostMaster (sending in email) or uploading files (e.g. attaching files to mails) of ((OTRS)) Community Edition and OTRS allows an remote malicious user to cause an endless loop. This issue affects: OTRS AG: ((OTRS)) Comm...
Otrs Otrs
5
CVSSv2
CVE-2019-12497
An issue exists in Open Ticket Request System (OTRS) 7.0.x up to and including 7.0.8, Community Edition 6.0.x up to and including 6.0.19, and Community Edition 5.0.x up to and including 5.0.36. In the customer or external frontend, personal information of agents (e.g., Name and m...
Otrs Otrs
Debian Debian Linux 8.0
5
CVSSv2
CVE-2008-7280
Kernel/System/EmailParser.pm in PostmasterPOP3.pl in Open Ticket Request System (OTRS) prior to 2.2.7 does not properly handle e-mail messages containing malformed UTF-8 characters, which allows remote malicious users to cause a denial of service (e-mail retrieval outage) via a c...
Otrs Otrs 2.0.0
Otrs Otrs 2.1.3
Otrs Otrs 2.2.4
Otrs Otrs
Otrs Otrs 2.2.5
Otrs Otrs 1.0.2
Otrs Otrs 2.1.8
Otrs Otrs 1.1.1
Otrs Otrs 0.5
Otrs Otrs 1.2.0
Otrs Otrs 1.3.1
Otrs Otrs 2.2.0
Otrs Otrs 2.1.5
Otrs Otrs 2.1.2
Otrs Otrs 1.3.0
Otrs Otrs 2.0.3
Otrs Otrs 1.1.0
Otrs Otrs 1.1
Otrs Otrs 2.1.0
Otrs Otrs 1.2.1
Otrs Otrs 1.1.4
Otrs Otrs 1.2.3
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-37316
firmware
CVE-2024-30078
CVE-2024-5995
remote code execution
logic flaw
CVE-2024-20693
CVE-2024-37315
CVE-2024-5464
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
NEXT »