CVE-2026-48208
The CVE concerns an improper neutralization of active SVG content in OTRS/OTRS Community Edition ticket article rendering, allowing an attacker to inject crafted SVGs via email content that triggers browser-side resource exhaustion and DoS when tickets are opened. It is exploitable without JavaSc...