13 matches found
EUVD-2019-2126
Malware in sbrugna...
EUVD-2019-19116
Malware in sbrugna...
SUSE CVE-2013-2637
A Cross-Site Scripting XSS Vulnerability exists in OTRS ITSM prior to 3.2.4, 3.1.8, and 3.0.7 and FAQ prior to 2.1.4 and 2.0.8 via changes, workorder items, and FAQ articles, which could let a remote malicious user execute arbitrary code...
SUSE CVE-2019-9753
An issue was discovered in Open Ticket Request System OTRS 7.x before 7.0.5. An attacker who is logged into OTRS as an agent or a customer user can use the search result screens to disclose information from invalid system entities. Following is the list of affected entities: Custom Pages, FAQ...
CVE-2021-21438 FAQ articles are shown to users without permission
Agents are able to see linked FAQ articles without permissions defined in FAQ Category. This issue affects: FAQ version 6.0.29 and prior versions, OTRS version 7.0.24 and prior versions...
CVE-2019-10065
An issue was discovered in Open Ticket Request System OTRS 7.0 through 7.0.6. An attacker who is logged into OTRS as a customer user can use the search result screens to disclose information from internal FAQ articles, a different vulnerability than CVE-2019-9753...
CVE-2019-9753
An issue was discovered in Open Ticket Request System OTRS 7.x before 7.0.5. An attacker who is logged into OTRS as an agent or a customer user can use the search result screens to disclose information from invalid system entities. Following is the list of affected entities: Custom Pages, FAQ...
CVE-2019-9753
An issue was discovered in Open Ticket Request System OTRS 7.x before 7.0.5. An attacker who is logged into OTRS as an agent or a customer user can use the search result screens to disclose information from invalid system entities. Following is the list of affected entities: Custom Pages, FAQ...
CVE-2019-9753
An issue was discovered in Open Ticket Request System OTRS 7.x before 7.0.5. An attacker who is logged into OTRS as an agent or a customer user can use the search result screens to disclose information from invalid system entities. Following is the list of affected entities: Custom Pages, FAQ...
Design/Logic Flaw
An issue was discovered in Open Ticket Request System OTRS 7.x before 7.0.5. An attacker who is logged into OTRS as an agent or a customer user can use the search result screens to disclose information from invalid system entities. Following is the list of affected entities: Custom Pages, FAQ...
CVE-2019-9753
An issue was discovered in Open Ticket Request System OTRS 7.x before 7.0.5. An attacker who is logged into OTRS as an agent or a customer user can use the search result screens to disclose information from invalid system entities. Following is the list of affected entities: Custom Pages, FAQ...
CVE-2019-9753
OTRS 7.x before 7.0.5 has an information disclosure vulnerability (CVE-2019-9753). An authenticated user (agent or customer) can use search result screens to disclose data from internal entities: Custom Pages, FAQ Articles, Service Catalogue Items, and ITSM Configuration Items. Root cause: inform...
CVE-2019-9753
An issue was discovered in Open Ticket Request System OTRS 7.x before 7.0.5. An attacker who is logged into OTRS as an agent or a customer user can use the search result screens to disclose information from invalid system entities. Following is the list of affected entities: Custom Pages, FAQ...