Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
otrs vulnerabilities and exploits
(subscribe to this query)
5.4
CVSSv3
CVE-2019-10067
An issue exists in Open Ticket Request System (OTRS) 7.x up to and including 7.0.6 and Community Edition 5.0.x up to and including 5.0.35 and 6.0.x up to and including 6.0.17. An attacker who is logged into OTRS as an agent user with appropriate permissions may manipulate the URL...
Otrs Otrs
6.5
CVSSv3
CVE-2019-9892
An issue exists in Open Ticket Request System (OTRS) 5.x up to and including 5.0.34, 6.x up to and including 6.0.17, and 7.x up to and including 7.0.6. An attacker who is logged into OTRS as an agent user with appropriate permissions may try to import carefully crafted Report Sta...
Otrs Otrs
Debian Debian Linux 8.0
5.4
CVSSv3
CVE-2019-9752
An issue exists in Open Ticket Request System (OTRS) 5.x prior to 5.0.34, 6.x prior to 6.0.16, and 7.x prior to 7.0.4. An attacker who is logged into OTRS as an agent or a customer user may upload a carefully crafted resource in order to cause execution of JavaScript in the conte...
Otrs Otrs
Opensuse Leap 15.1
Opensuse Backports Sle 15.0
Opensuse Leap 15.2
4.8
CVSSv3
CVE-2019-9751
An issue exists in Open Ticket Request System (OTRS) 6.x prior to 6.0.17 and 7.x prior to 7.0.5. An attacker who is logged into OTRS as an admin user may manipulate the URL to cause execution of JavaScript in the context of OTRS. This is related to Kernel/Output/Template/Document...
Otrs Otrs
6.5
CVSSv3
CVE-2018-20800
An issue exists in Open Ticket Request System (OTRS) 5.0.31 and 6.0.13. Users updating to 6.0.13 (also patchlevel updates) or 5.0.31 (only major updates) will experience data loss in their agent preferences table.
Otrs Otrs 5.0.31
Otrs Otrs 6.0.13
4.8
CVSSv3
CVE-2018-19141
Open Ticket Request System (OTRS) 4.0.x prior to 4.0.33 and 5.0.x prior to 5.0.31 allows an admin to conduct an XSS attack via a modified URL because user and customer preferences are mishandled.
Otrs Open Ticket Request System
Debian Debian Linux 8.0
6.5
CVSSv3
CVE-2018-19143
Open Ticket Request System (OTRS) 4.0.x prior to 4.0.33, 5.0.x prior to 5.0.31, and 6.0.x prior to 6.0.13 allows an authenticated user to delete files via a modified submission form because upload caching is mishandled.
Otrs Open Ticket Request System
Debian Debian Linux 8.0
4.8
CVSSv3
CVE-2018-19142
Open Ticket Request System (OTRS) 6.0.x prior to 6.0.13 allows an admin to conduct an XSS attack via a modified URL.
Otrs Open Ticket Request System
6.5
CVSSv3
CVE-2018-16587
In Open Ticket Request System (OTRS) 4.0.x prior to 4.0.32, 5.0.x prior to 5.0.30, and 6.0.x prior to 6.0.11, an attacker could send a malicious email to an OTRS system. If a user with admin permissions opens it, it causes deletions of arbitrary files that the OTRS web server use...
Otrs Open Ticket Request System
Debian Debian Linux 8.0
Debian Debian Linux 9.0
4.3
CVSSv3
CVE-2018-16586
In Open Ticket Request System (OTRS) 4.0.x prior to 4.0.32, 5.0.x prior to 5.0.30, and 6.0.x prior to 6.0.11, an attacker could send a malicious email to an OTRS system. If a logged in user opens it, the email could cause the browser to load external image or CSS resources.
Otrs Open Ticket Request System
Debian Debian Linux 8.0
Debian Debian Linux 9.0
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
validation
CVE-2012-1823
malicious code
CVE-2024-5770
CVE-2023-45866
CVE-2024-35687
local users
CVE-2024-31246
CVE-2024-35730
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
4
5
6
7
8
9
10
NEXT »