Lucene search
K

5 matches found

CVE
CVE
added 2025/01/27 5:59 a.m.65 views

CVE-2025-24389

CVE-2025-24389 affects OTRS and related builds (OTRS 7.0.X, 8.0.X, 2023.X, 2024.X and ((OTRS)) Community Edition 6.0.x; products based on CE are likely affected). The root cause is described as certain errors in upstream libraries that cause sensitive information to be written to the OTRS log mec...

6.3CVSS6.2AI score0.00137EPSS
Exploits0References1
NVD
NVD
added 2024/08/26 9:15 a.m.13 views

CVE-2024-43443

Improper Neutralization of Input done by an attacker with admin privileges 'Cross-site Scripting' in Process Management modules of OTRS and OTRS Community Edition allows Cross-Site Scripting XSS within the Process Management targeting other admins. This issue affects: OTRS from 7.0.X through 7.0....

4.9CVSS0.00355EPSS
Exploits0References1
NVD
NVD
added 2024/08/26 9:15 a.m.18 views

CVE-2024-43444

Passwords of agents and customers are displayed in plain text in the OTRS admin log module if certain configurations regarding the authentication sources match and debugging for the authentication backend has been enabled. This issue affects: OTRS from 7.0.X through 7.0.50 OTRS 8.0.X OTRS 2023.X...

8.2CVSS0.00376EPSS
Exploits0References1
UbuntuCve
UbuntuCve
added 2024/08/26 9:15 a.m.13 views

CVE-2024-43444

Passwords of agents and customers are displayed in plain text in the OTRS admin log module if certain configurations regarding the authentication sources match and debugging for the authentication backend has been enabled. This issue affects: OTRS from 7.0.X through 7.0.50 OTRS 8.0.X OTRS 2023.X...

8.2CVSS5.9AI score0.00376EPSS
Exploits0References2
Cvelist
Cvelist
added 2024/07/15 7:13 a.m.25 views

CVE-2024-6540 Information exlosure in external interface

Improper filtering of fields when using the export function in the ticket overview of the external interface in OTRS could allow an authorized user to download a list of tickets containing information about tickets of other customers. The problem only occurs if the TicketSearchLegacyEngine has be...

5.7CVSS0.00385EPSS
Exploits0References1
Rows per page
Query Builder