Lucene search
K

6 matches found

NVD
NVD
added 2020/02/21 4:15 p.m.23 views

CVE-2013-4088

Kernel/Modules/AgentTicketWatcher.pm in Open Ticket Request System OTRS 3.0.x before 3.0.21, 3.1.x before 3.1.17, and 3.2.x before 3.2.8 does not properly restrict tickets, which allows remote attackers with a valid agent login to read restricted tickets via a crafted URL involving the ticket spl...

6.5CVSS6.5AI score0.02366EPSS
Exploits0References4
Prion
Prion
added 2020/02/21 4:15 p.m.22 views

Design/Logic Flaw

Kernel/Modules/AgentTicketPhone.pm in Open Ticket Request System OTRS 3.0.x before 3.0.20, 3.1.x before 3.1.16, and 3.2.x before 3.2.7, and OTRS ITSM 3.0.x before 3.0.8, 3.1.x before 3.1.9, and 3.2.x before 3.2.5 does not properly restrict tickets, which allows remote attackers with a valid agent...

4CVSS6.8AI score0.01577EPSS
Exploits0References2Affected Software2
Prion
Prion
added 2020/02/21 4:15 p.m.30 views

Design/Logic Flaw

Kernel/Modules/AgentTicketWatcher.pm in Open Ticket Request System OTRS 3.0.x before 3.0.21, 3.1.x before 3.1.17, and 3.2.x before 3.2.8 does not properly restrict tickets, which allows remote attackers with a valid agent login to read restricted tickets via a crafted URL involving the ticket spl...

4CVSS6.8AI score0.02366EPSS
Exploits0References4Affected Software1
Cvelist
Cvelist
added 2020/02/21 3:48 p.m.24 views

CVE-2013-4088

Kernel/Modules/AgentTicketWatcher.pm in Open Ticket Request System OTRS 3.0.x before 3.0.21, 3.1.x before 3.1.17, and 3.2.x before 3.2.8 does not properly restrict tickets, which allows remote attackers with a valid agent login to read restricted tickets via a crafted URL involving the ticket spl...

6.4AI score0.02366EPSS
Exploits0References4
CVE
CVE
added 2020/02/21 3:48 p.m.147 views

CVE-2013-4088

Summary (CVE-2013-4088) : Open Ticket Request System (OTRS) components Kernel/Modules/AgentTicketWatcher.pm in OTRS 3.0.x before 3.0.21, 3.1.x before 3.1.17, and 3.2.x before 3.2.8 allowed remote attackers with a valid agent login to read restricted tickets via a crafted URL using the ticket spli...

6.5CVSS6.2AI score0.02366EPSS
Exploits0References4Affected Software1
FreeBSD
FreeBSD
added 2012/08/22 12:0 a.m.31 views

otrs -- XSS vulnerability in Internet Explorer could lead to remote code execution

The OTRS Project reports: This advisory covers vulnerabilities discovered in the OTRS core system. Due to the XSS vulnerability in Internet Explorer an attacker could send a specially prepared HTML email to OTRS which would cause JavaScript code to be executed in your Internet Explorer while...

4.3CVSS6AI score0.04195EPSS
Exploits1References1
Rows per page
Query Builder