Lucene search
K

4 matches found

Prion
Prion
added 2020/01/10 3:15 p.m.17 views

Design/Logic Flaw

An improper control of parameters allows the spoofing of the from fields of the following screens: AgentTicketCompose, AgentTicketForward, AgentTicketBounce and AgentTicketEmailOutbound. This issue affects: OTRS Community Edition 5.0.x version 5.0.39 and prior versions; 6.0.x version 6.0.24 and...

5CVSS5.3AI score0.01499EPSS
Exploits0References6Affected Software4
UbuntuCve
UbuntuCve
added 2018/09/28 12:29 a.m.23 views

CVE-2018-16586

In Open Ticket Request System OTRS 4.0.x before 4.0.32, 5.0.x before 5.0.30, and 6.0.x before 6.0.11, an attacker could send a malicious email to an OTRS system. If a logged in user opens it, the email could cause the browser to load external image or CSS resources...

4.3CVSS6.6AI score0.01485EPSS
Exploits0References2
UbuntuCve
UbuntuCve
added 2017/12/20 5:29 p.m.27 views

CVE-2017-17476

Open Ticket Request System OTRS 4.0.x before 4.0.28, 5.0.x before 5.0.26, and 6.0.x before 6.0.3, when cookie support is disabled, might allow remote attackers to hijack web sessions and consequently gain privileges via a crafted email...

8.8CVSS7.2AI score0.02223EPSS
Exploits0References5
OpenVAS
OpenVAS
added 2017/12/11 12:0 a.m.42 views

OTRS 4.x < 4.0.27, 5.x < 5.0.24, 6.x < 6.0.2 RCE Vulnerability (Dec 2017)

OTRS is prone to a remote code execution RCE vulnerability. SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:otrs:otrs"; if...

9CVSS9AI score0.19901EPSS
Exploits8References1
Rows per page
Query Builder