4 matches found
SUSE CVE-2021-21440
Generated Support Bundles contains private S/MIME and PGP keys if containing folder is not hidden. This issue affects: OTRS AG OTRS Community Edition 6.0.x version 6.0.1 and later versions. OTRS AG OTRS 7.0.x version 7.0.27 and prior versions; 8.0.x version 8.0.14 and prior versions...
PT-2022-27161 · Otrs +2 · Otrs +3
Name of the Vulnerable Software and Affected Versions: OTRS versions 7.0.1 through 7.0.40 Patch 1 OTRS versions 8.0.1 through 8.0.28 Patch 1 OTRS Community Edition versions 6.0.1 through 6.0.34 Description: The issue is related to an Improper Input Validation vulnerability that allows SQL Injecti...
UBUNTU-CVE-2021-36092
It's possible to create an email which contains specially crafted link and it can be used to perform XSS attack. This issue affects: OTRS AG OTRS Community Edition:6.0.x version 6.0.1 and later versions. OTRS AG OTRS: 7.0.x version 7.0.27 and prior versions; 8.0.x version 8.0.14 and prior version...
DEBIAN-CVE-2021-21441
There is a XSS vulnerability in the ticket overview screens. It's possible to collect various information by having an e-mail shown in the overview screen. Attack can be performed by sending specially crafted e-mail to the system and it doesn't require any user intraction. This issue affects: OTR...