2 matches found
CVE-2022-0474 Disclosure of mail addresses
Full list of recipients from customer users in a contact field could be disclosed in notification emails event when the notification is set to be sent to each recipient individually. This issue affects: OTRS AG OTRSCustomContactFields 8.0.x version: 8.0.11 and prior versions...
CVE-2022-0474
CVE-2022-0474 affects OTRS AG OTRSCustomContactFields in OTRS 8.0.x (up to 8.0.11 and earlier). The vulnerability allows disclosure of the full recipient list from a customer contact field via notification emails, even when emails are sent to recipients individually. Impact is confidentiality lea...