OTRS 6.0.x < 6.0.25, 7.0.x < 7.0.14 Message Vulnerability

OTRS is prone to a vulnerability where it is possible to send drafted messages as wrong agent. SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...

CVE-2020-1767

CVE-2020-1767 affects OTRS Community Edition 6.0.x (up to 6.0.24) and OTRS 7.0.x (up to 7.0.13). Description: Agent A can save a draft; Agent B can open it, modify the text, and send it as Agent A, so customers see a message sent by the original agent. Debian/Nessus advisories indicate patches: u...