Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
otrs otrs vulnerabilities and exploits
(subscribe to this query)
6.5
CVSSv3
CVE-2021-21435
Article Bcc fields and agent personal information are shown when customer prints the ticket (PDF) via external interface. This issue affects: OTRS AG OTRS 7.0.x version 7.0.23 and prior versions; 8.0.x version 8.0.10 and prior versions.
Otrs Otrs
6.5
CVSSv3
CVE-2013-4088
Kernel/Modules/AgentTicketWatcher.pm in Open Ticket Request System (OTRS) 3.0.x prior to 3.0.21, 3.1.x prior to 3.1.17, and 3.2.x prior to 3.2.8 does not properly restrict tickets, which allows remote attackers with a valid agent login to read restricted tickets via a crafted URL...
Otrs Otrs
6.5
CVSSv3
CVE-2013-3551
Kernel/Modules/AgentTicketPhone.pm in Open Ticket Request System (OTRS) 3.0.x prior to 3.0.20, 3.1.x prior to 3.1.16, and 3.2.x prior to 3.2.7, and OTRS ITSM 3.0.x prior to 3.0.8, 3.1.x prior to 3.1.9, and 3.2.x prior to 3.2.5 does not properly restrict tickets, which allows remo...
Otrs Otrs
Otrs Otrs Itsm
6.5
CVSSv3
CVE-2013-2625
An Access Bypass issue exists in OTRS Help Desk prior to 3.2.4, 3.1.14, and 3.0.19, OTRS ITSM prior to 3.2.3, 3.1.8, and 3.0.7, and FAQ prior to 2.2.3, 2.1.4, and 2.0.8. Access rights by the object linking mechanism is not verified
Otrs Faq
Otrs Otrs Help Desk
Otrs Otrs Itsm
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Opensuse Opensuse 12.2
Opensuse Opensuse 12.3
6.5
CVSSv3
CVE-2019-12746
An issue exists in Open Ticket Request System (OTRS) Community Edition 5.0.x up to and including 5.0.36 and 6.0.x up to and including 6.0.19. A user logged into OTRS as an agent might unknowingly disclose their session ID by sharing the link of an embedded ticket article with thi...
Otrs Otrs
Debian Debian Linux 8.0
6.5
CVSSv3
CVE-2019-13458
An issue exists in Open Ticket Request System (OTRS) 7.0.x up to and including 7.0.8, and Community Edition 5.0.x up to and including 5.0.36 and 6.0.x up to and including 6.0.19. An attacker who is logged into OTRS as an agent user with appropriate permissions can leverage OTRS n...
Otrs Otrs
Debian Debian Linux 8.0
6.5
CVSSv3
CVE-2019-9892
An issue exists in Open Ticket Request System (OTRS) 5.x up to and including 5.0.34, 6.x up to and including 6.0.17, and 7.x up to and including 7.0.6. An attacker who is logged into OTRS as an agent user with appropriate permissions may try to import carefully crafted Report Sta...
Otrs Otrs
Debian Debian Linux 8.0
6.5
CVSSv3
CVE-2018-20800
An issue exists in Open Ticket Request System (OTRS) 5.0.31 and 6.0.13. Users updating to 6.0.13 (also patchlevel updates) or 5.0.31 (only major updates) will experience data loss in their agent preferences table.
Otrs Otrs 5.0.31
Otrs Otrs 6.0.13
6.5
CVSSv3
CVE-2018-19143
Open Ticket Request System (OTRS) 4.0.x prior to 4.0.33, 5.0.x prior to 5.0.31, and 6.0.x prior to 6.0.13 allows an authenticated user to delete files via a modified submission form because upload caching is mishandled.
Otrs Open Ticket Request System
Debian Debian Linux 8.0
6.5
CVSSv3
CVE-2018-16587
In Open Ticket Request System (OTRS) 4.0.x prior to 4.0.32, 5.0.x prior to 5.0.30, and 6.0.x prior to 6.0.11, an attacker could send a malicious email to an OTRS system. If a user with admin permissions opens it, it causes deletions of arbitrary files that the OTRS web server use...
Otrs Open Ticket Request System
Debian Debian Linux 8.0
Debian Debian Linux 9.0
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-5248
CVE-2024-3110
CVE-2024-5552
CVE-2024-29415
HTML injection
CVE-2024-3095
TCP
type confusion
CVE-2024-1800
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
NEXT »