Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

7 matches found

ATTACKERKB
ATTACKERKBadded 5 days ago5 views

CVE-2026-48209

An improper neutralization of user-controllable input in OTRS or OTRS Community Edition ticket handling allows authenticated attackers to perform reflected cross-site scripting XSS attacks via crafted request parameters associated with ticket actions. By injecting malicious JavaScript into...

7.1CVSS6AI score0.00037EPSS
Exploits0References2Affected Software2
Tenable Nessus
Tenable Nessusadded 2025/09/10 12:0 a.m.3 views

Linux Distros Unpatched Vulnerability : CVE-2024-43444

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Passwords of agents and customers are displayed in plain text in the OTRS admin log module if certain configurations regarding the authentication sources match...

8.2CVSS5.9AI score0.00197EPSS
Exploits0References2
Tenable Nessus
Tenable Nessusadded 2025/09/10 12:0 a.m.2 views

Linux Distros Unpatched Vulnerability : CVE-2023-1248

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Improper Input Validation vulnerability in OTRS AG OTRS Ticket Actions modules, OTRS AG OTRS Community Edition Ticket Actions modules allows Cross-Site Scriptin...

6.1CVSS5.1AI score0.00674EPSS
Exploits0References2
OSV
OSVadded 2024/08/26 9:15 a.m.0 views

UBUNTU-CVE-2024-43444

Passwords of agents and customers are displayed in plain text in the OTRS admin log module if certain configurations regarding the authentication sources match and debugging for the authentication backend has been enabled. This issue affects: OTRS from 7.0.X through 7.0.50 OTRS 8.0.X OTRS 2023.X...

8.2CVSS5.7AI score0.00197EPSS
Exploits0References3
OSV
OSVadded 2022/03/21 10:15 a.m.0 views

UBUNTU-CVE-2021-36100

Specially crafted string in OTRS system configuration can allow the execution of any system command...

8.8CVSS6.3AI score0.0072EPSS
Exploits0References3
NCSC
NCSCadded 2021/06/15 12:0 a.m.2 views

Vulnerability fixed in OTRS

A vulnerability has been fixed in OTRS. A malicious person at remote user could potentially exploit the vulnerability to cause a Denial-of-Service. To do this, the malicious party needs to send a rogue email message that must then be sent by the OTRS application to process. OTRS has released...

6.5CVSS6.7AI score0.00348EPSS
Exploits0
CNVD
CNVDadded 2020/07/21 12:0 a.m.0 views

Open-source Ticket Request System Code Issue Vulnerability

Open-source Ticket Request System OTRS is an open-source defect tracking and management system software from the German OTRS Group. The software categorizes service requests submitted through various channels such as phone calls, emails, etc. into different queues and service levels, and the...

4.3CVSS7.5AI score0.00326EPSS
Exploits0References1
Rows per page
Query Builder