Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
otrs open ticket request system vulnerabilities and exploits
(subscribe to this query)
312
VMScore
CVE-2018-19142
Open Ticket Request System (OTRS) 6.0.x prior to 6.0.13 allows an admin to conduct an XSS attack via a modified URL.
Otrs Open Ticket Request System
312
VMScore
CVE-2018-19141
Open Ticket Request System (OTRS) 4.0.x prior to 4.0.33 and 5.0.x prior to 5.0.31 allows an admin to conduct an XSS attack via a modified URL because user and customer preferences are mishandled.
Otrs Open Ticket Request System
Debian Debian Linux 8.0
490
VMScore
CVE-2018-19143
Open Ticket Request System (OTRS) 4.0.x prior to 4.0.33, 5.0.x prior to 5.0.31, and 6.0.x prior to 6.0.13 allows an authenticated user to delete files via a modified submission form because upload caching is mishandled.
Otrs Open Ticket Request System
Debian Debian Linux 8.0
578
VMScore
CVE-2018-14593
An issue exists in Open Ticket Request System (OTRS) 6.0.x up to and including 6.0.9, 5.0.x up to and including 5.0.28, and 4.0.x up to and including 4.0.30. An attacker who is logged into OTRS as an agent may escalate their privileges by accessing a specially crafted URL.
Otrs Open Ticket Request System
Debian Debian Linux 8.0
Debian Debian Linux 9.0
383
VMScore
CVE-2018-16586
In Open Ticket Request System (OTRS) 4.0.x prior to 4.0.32, 5.0.x prior to 5.0.30, and 6.0.x prior to 6.0.11, an attacker could send a malicious email to an OTRS system. If a logged in user opens it, the email could cause the browser to load external image or CSS resources.
Otrs Open Ticket Request System
Debian Debian Linux 8.0
Debian Debian Linux 9.0
516
VMScore
CVE-2018-16587
In Open Ticket Request System (OTRS) 4.0.x prior to 4.0.32, 5.0.x prior to 5.0.30, and 6.0.x prior to 6.0.11, an attacker could send a malicious email to an OTRS system. If a user with admin permissions opens it, it causes deletions of arbitrary files that the OTRS web server use...
Otrs Open Ticket Request System
Debian Debian Linux 8.0
Debian Debian Linux 9.0
270
VMScore
CVE-2012-4600
Cross-site scripting (XSS) vulnerability in Open Ticket Request System (OTRS) Help Desk 2.4.x prior to 2.4.14, 3.0.x prior to 3.0.16, and 3.1.x prior to 3.1.10, when Firefox or Opera is used, allows remote malicious users to inject arbitrary web script or HTML via an e-mail messa...