Lucene search
K

6 matches found

CVE
CVE
added 2026/06/01 3:32 a.m.29 views

CVE-2026-48209

OTRS Community Edition 7.0.x is vulnerable to reflected XSS due to improper neutralization of user-controllable input in ticket handling. Attackers who are authenticated can exploit crafted request parameters in ticket actions to inject JavaScript via manipulated request URLs, executing code in t...

7.1CVSS6AI score0.00219EPSS
Exploits0References1Affected Software1
Tenable Nessus
Tenable Nessus
added 2025/09/10 12:0 a.m.4 views

Linux Distros Unpatched Vulnerability : CVE-2021-36094

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - It's possible to craft a request for appointment edit screen, which could lead to the XSS attack. This issue affects: OTRS AG OTRS Community Edition 6.0.x versi...

5.7CVSS5.7AI score0.0059EPSS
Exploits0References2
SUSE CVE
SUSE CVE
added 2025/01/28 12:23 a.m.4 views

SUSE CVE-2024-43445

A vulnerability exists in OTRS and OTRS Community Edition that fail to set the HTTP response header X-Content-Type-Options to nosniff. An attacker could exploit this vulnerability by uploading or inserting content that would be treated as a different MIME type than intended. This issue affects:...

5.4CVSS6.8AI score0.00224EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2023/10/16 12:0 a.m.3 views

PT-2023-32094 · Openssl +2 · Openssl +2

Name of the Vulnerable Software and Affected Versions: OTRS versions 7.0.X through 7.0.46 OTRS versions 8.0.X through 8.0.36 OTRS Community Edition versions 6.0.X through 6.0.34 Description: The functions to fetch e-mail via POP3 or IMAP as well as sending e-mail via SMTP use OpenSSL for static S...

9.8CVSS4.9AI score0.01273EPSS
Exploits0References31
SUSE CVE
SUSE CVE
added 2023/02/15 4:4 a.m.3 views

SUSE CVE-2020-1768

The external frontend system uses numerous background calls to the backend. Each background request is treated as user activity so the SessionMaxIdleTime will not be reached. This issue affects: OTRS 7.0.x version 7.0.14 and prior versions...

5.5CVSS5.5AI score0.00747EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2021/10/14 12:0 a.m.3 views

PT-2023-16838 · Otrs Ag +1 · Otrs +2

Name of the Vulnerable Software and Affected Versions: OTRS versions 7.0.X through 7.0.41 OTRS Community Edition versions 6.0.1 through 6.0.34 Description: The issue is related to an Improper Input Validation vulnerability in the Ticket Actions modules of OTRS AG OTRS and OTRS AG OTRS Community...

9.8CVSS4.8AI score0.01273EPSS
Exploits0References34
Rows per page
Query Builder