Lucene search
K

6 matches found

UbuntuCve
UbuntuCve
added 2024/08/26 9:15 a.m.13 views

CVE-2024-43444

Passwords of agents and customers are displayed in plain text in the OTRS admin log module if certain configurations regarding the authentication sources match and debugging for the authentication backend has been enabled. This issue affects: OTRS from 7.0.X through 7.0.50 OTRS 8.0.X OTRS 2023.X...

8.2CVSS5.9AI score0.00376EPSS
Exploits0References2
OSV
OSV
added 2020/03/19 6:15 p.m.15 views

CVE-2019-16375

An issue was discovered in Open Ticket Request System OTRS 7.0.x through 7.0.11, and Community Edition 5.0.x through 5.0.37 and 6.0.x through 6.0.22. An attacker who is logged in as an agent or customer user with appropriate permissions can create a carefully crafted string containing malicious...

5.4CVSS6.7AI score
Exploits0References6
Cvelist
Cvelist
added 2019/06/03 6:5 p.m.24 views

CVE-2019-9753

An issue was discovered in Open Ticket Request System OTRS 7.x before 7.0.5. An attacker who is logged into OTRS as an agent or a customer user can use the search result screens to disclose information from invalid system entities. Following is the list of affected entities: Custom Pages, FAQ...

3.5CVSS4.2AI score0.00887EPSS
Exploits0References1
NVD
NVD
added 2019/05/22 12:29 a.m.17 views

CVE-2019-10067

An issue was discovered in Open Ticket Request System OTRS 7.x through 7.0.6 and Community Edition 5.0.x through 5.0.35 and 6.0.x through 6.0.17. An attacker who is logged into OTRS as an agent user with appropriate permissions may manipulate the URL to cause execution of JavaScript in the contex...

5.4CVSS6.2AI score0.01155EPSS
Exploits0References4
CVE
CVE
added 2019/05/21 11:23 p.m.73 views

CVE-2019-10066

Open Ticket Request System (OTRS) 7.x up to 7.0.6, Community Edition 6.0.x up to 6.0.17, and OTRSAppointmentCalendar 5.0.x up to 5.0.12 are affected by CVE-2019-10066. The issue allows an attacker who is logged in as an OTRS agent with appropriate permissions to craft a calendar appointment that ...

5.4CVSS5.4AI score0.00817EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2019/05/21 11:17 p.m.154 views

CVE-2019-9892

CVE-2019-9892 affects Open Ticket Request System (OTRS) versions 5.x (up to 5.0.34), 6.x (up to 6.0.17), and 7.x (up to 7.0.6). An agent with appropriate permissions can import a specially crafted Report Statistics XML, triggering an XML External Entity (XXE) processing flaw that may cause the sy...

6.5CVSS6.5AI score0.01097EPSS
Exploits0References5Affected Software1
Rows per page
Query Builder