Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
otrs otrs vulnerabilities and exploits
(subscribe to this query)
490
VMScore
CVE-2018-19143
Open Ticket Request System (OTRS) 4.0.x prior to 4.0.33, 5.0.x prior to 5.0.31, and 6.0.x prior to 6.0.13 allows an authenticated user to delete files via a modified submission form because upload caching is mishandled.
Otrs Open Ticket Request System
Debian Debian Linux 8.0
445
VMScore
CVE-2022-32739
When Secure::DisableBanner system configuration has been disabled and agent shares his calendar via public URL, received ICS file contains OTRS release number.
Otrs Calendar Resource Planning
Otrs Otrs
445
VMScore
CVE-2022-32741
Attacker is able to determine if the provided username exists (and it's valid) using Request New Password feature, based on the response time.
Otrs Otrs
445
VMScore
CVE-2021-36095
Malicious attacker is able to find out valid user logins by using the "lost password" feature. This issue affects: OTRS AG ((OTRS)) Community Edition version 6.0.1 and later versions. OTRS AG OTRS 7.0.x version 7.0.28 and prior versions.
Otrs Otrs
445
VMScore
CVE-2021-36093
It's possible to create an email which can be stuck while being processed by PostMaster filters, causing DoS. This issue affects: OTRS AG ((OTRS)) Community Edition 6.0.x version 6.0.1 and later versions. OTRS AG OTRS 7.0.x version 7.0.28 and prior versions; 8.0.x version 8....
Otrs Otrs
445
VMScore
CVE-2020-1777
Agent names that participates in a chat conversation are revealed in certain parts of the external interface as well as in chat transcriptions inside the tickets, when system is configured to mask real agent names. This issue affects OTRS; 7.0.21 and prior versions, 8.0.6 and pri...
Otrs Otrs
445
VMScore
CVE-2020-1772
It's possible to craft Lost Password requests with wildcards in the Token value, which allows malicious user to retrieve valid Token(s), generated by users which already requested new passwords. This issue affects: ((OTRS)) Community Edition 5.0.41 and prior versions, 6.0.26...
Otrs Otrs
Opensuse Leap 15.1
Opensuse Backports Sle 15.0
Opensuse Leap 15.2
Debian Debian Linux 8.0
445
VMScore
CVE-2020-1765
An improper control of parameters allows the spoofing of the from fields of the following screens: AgentTicketCompose, AgentTicketForward, AgentTicketBounce and AgentTicketEmailOutbound. This issue affects: ((OTRS)) Community Edition 5.0.x version 5.0.39 and prior versions; 6.0.x...
Otrs Otrs
Debian Debian Linux 8.0
Opensuse Leap 15.1
Opensuse Backports Sle 15.0
Opensuse Leap 15.2
445
VMScore
CVE-2019-18180
Improper Check for filenames with overly long extensions in PostMaster (sending in email) or uploading files (e.g. attaching files to mails) of ((OTRS)) Community Edition and OTRS allows an remote malicious user to cause an endless loop. This issue affects: OTRS AG: ((OTRS)) Comm...
Otrs Otrs
445
VMScore
CVE-2019-12497
An issue exists in Open Ticket Request System (OTRS) 7.0.x up to and including 7.0.8, Community Edition 6.0.x up to and including 6.0.19, and Community Edition 5.0.x up to and including 5.0.36. In the customer or external frontend, personal information of agents (e.g., Name and m...
Otrs Otrs
Debian Debian Linux 8.0
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-5248
CVE-2024-3110
CVE-2024-5552
CVE-2024-29415
HTML injection
CVE-2024-3095
TCP
type confusion
CVE-2024-1800
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
NEXT »