CVE-2020-1772 Information Disclosure
It's possible to craft Lost Password requests with wildcards in the Token value, which allows attacker to retrieve valid Tokens, generated by users which already requested new passwords. This issue affects: OTRS Community Edition 5.0.41 and prior versions, 6.0.26 and prior versions. OTRS: 7.0.15...