An issue exists in Open Ticket Request System (OTRS) 6.0.x up to and including 6.0.9, 5.0.x up to and including 5.0.28, and 4.0.x up to and including 4.0.30. An attacker who is logged into OTRS as an agent may escalate their privileges by accessing a specially crafted URL.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
otrs open ticket request system |
||
debian debian linux 8.0 |
||
debian debian linux 9.0 |