3 matches found
CVE-2022-1004
Accounted time is shown in the Ticket Detail View External Interface, even if ExternalFrontend::TicketDetailViewAccountedTimeDisplay is disabled...
Code injection
Accounted time is shown in the Ticket Detail View External Interface, even if ExternalFrontend::TicketDetailViewAccountedTimeDisplay is disabled...
CVE-2022-1004
CVE-2022-1004 affects OTRS and concerns an information disclosure where the Billing Time ExternalFrontend::TicketDetailView###AccountedTimeDisplay setting is shown in the Ticket Work Order details view even if the display is disabled. Multiple sources corroborate this, including NVD and CVE recor...