An improper control of parameters allows the spoofing of the from fields of the following screens: AgentTicketCompose, AgentTicketForward, AgentTicketBounce and AgentTicketEmailOutbound. This issue affects: ((OTRS)) Community Edition 5.0.x version 5.0.39 and prior versions; 6.0.x version 6.0.24 and prior versions. OTRS 7.0.x version 7.0.13 and prior versions.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
otrs otrs |
||
debian debian linux 8.0 |
||
opensuse leap 15.1 |
||
opensuse backports sle 15.0 |
||
opensuse leap 15.2 |