10 matches found
EUVD-2025-7643
Malicious code in bioql PyPI...
EUVD-2025-3686
Malicious code in bioql PyPI...
CVE-2025-24387
A vulnerability in OTRS Application Server allows session hijacking due to missing attributes for sensitive cookie settings in HTTPS sessions. A request to an OTRS endpoint from a possible malicious web site, would send the authentication cookie, performing an unwanted read operation. This issue...
CVE-2025-24387 Missing CSRF protection
A vulnerability in OTRS Application Server allows session hijacking due to missing attributes for sensitive cookie settings in HTTPS sessions. A request to an OTRS endpoint from a possible malicious web site, would send the authentication cookie, performing an unwanted read operation. This issue...
CVE-2025-24387 Missing CSRF protection
A vulnerability in OTRS Application Server allows session hijacking due to missing attributes for sensitive cookie settings in HTTPS sessions. A request to an OTRS endpoint from a possible malicious web site, would send the authentication cookie, performing an unwanted read operation. This issue...
CVE-2025-24390
The CVE-2025-24390 issue affects OTRS Application Server and reverse proxy configurations, enabling session hijacking due to missing attributes for sensitive cookie settings in HTTPS sessions. Affected: OTRS 7.0.X, 8.0.X, 2023.X, 2024.X. Root cause: incomplete cookie security attributes in HTTPS ...
CVE-2025-24390 Missing Cookie Flags
A vulnerability in OTRS Application Server and reverse proxy settings allows session hijacking due to missing attributes for sensitive cookie settings in HTTPS sessions. This issue affects: OTRS 7.0.X OTRS 8.0.X OTRS 2023.X OTRS 2024.X...
OTRS SQL注入漏洞
OTRS is an application from OTRS Germany. A service management software. OTRS AG OTRS, OTRS AG OTRS Community Edition Version 7.0.1 up to and including version 7.0.40 Patch 1, version 8.0.1 up to and including version 8.0.28 Patch 1, and version 6.0.1 up to and including version 6.0.34 has a SQL...
OTRS AG OTRS Input Validation Error Vulnerability
OTRS is an application from the German company OTRS. A service management software. OTRS AG An input validation error vulnerability exists in OTRS that arises from the system not properly validating incoming data. An attacker placing a specially crafted URL in the body of an email message could...
OTRS 2.0 index.pl Multiple Parameter XSS
No description provided by source. source: http://www.securityfocus.com/bid/15537/info OTRS is prone to multiple input-validation vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. The application is prone to multiple SQL-injection...