
8 matches found

SUSE CVE
added 2025/01/28 12:23 a.m. | 2 views

SUSE CVE-2024-43445

A vulnerability exists in OTRS and OTRS Community Edition, which fail to set the HTTP response header X-Content-Type-Options to nosniff. An attacker could exploit this vulnerability by uploading or inserting content that would be treated as a different MIME type than intended. This issue affects:...

CVSS 5.4 | AI score 6.8 | EPSS 0.00224
Exploits: 0 | References: 3
NCSC
added 2022/10/17 12:0 a.m. | 3 views

Vulnerabilities fixed in OTRS

OTRS developers have fixed vulnerabilities in OTRS 7 and 8. A malicious party could exploit them to perform a denial-of-service (DoS) attack or to gain access to sensitive data. To perform the denial-of-service, the malicious party need not be remotely authenticated. OTRS has released updates to fix the...

CVSS 7.5 | AI score 6.9 | EPSS 0.00562
Exploits: 0
OSV
added 2022/03/21 10:15 a.m. | 4 views

CVE-2022-0475

A malicious translator is able to inject JavaScript code in a few translatable strings where HTML is allowed. The code could be executed in the Package manager. This issue affects: OTRS AG OTRS 7.0.x version: 7.0.32 and prior versions, 8.0.x version: 8.0.19 and prior versions...

CVSS 5.4 | AI score 5.8 | EPSS 0.0043
Exploits: 0 | References: 1
OSV
added 2021/10/18 7:15 a.m. | 3 views

CVE-2021-36097

Agents are able to lock the ticket without the "Owner" permission. Once the ticket is locked, it could be moved to the queue where the agent has "rw" permissions and gain full control. This issue affects: OTRS AG OTRS 8.0.x version: 8.0.16 and prior versions...

CVSS 4.3 | AI score 5.8
Exploits: 0 | References: 1
OSV
added 2021/09/06 2:15 p.m. | 2 views

CVE-2021-36093

It's possible to create an email which can get stuck while being processed by PostMaster filters, causing DoS. This issue affects: OTRS AG OTRS Community Edition 6.0.x version 6.0.1 and later versions. OTRS AG OTRS 7.0.x version 7.0.28 and prior versions; 8.0.x version 8.0.15 and prior versions...

CVSS 5.3 | AI score 5.8 | EPSS 0.01072
Exploits: 0 | References: 1
OSV
added 2021/07/26 5:15 a.m. | 6 views

CVE-2021-36092

It's possible to create an email which contains a specially crafted link that can be used to perform an XSS attack. This issue affects: OTRS AG OTRS Community Edition: 6.0.x version 6.0.1 and later versions. OTRS AG OTRS: 7.0.x version 7.0.27 and prior versions; 8.0.x version 8.0.14 and prior version...

CVSS 6.1 | AI score 5.8 | EPSS 0.00717
Exploits: 0 | References: 1
OSV
added 2021/06/14 8:15 a.m. | 1 view

UBUNTU-CVE-2021-21439

A DoS attack can be performed when an email contains a specially designed URL in the body. It can lead to high CPU usage and cause low quality of service, or in an extreme case bring the system to a halt. This issue affects: OTRS AG OTRS Community Edition 6.0.x version 6.0.1 and later versions. OTRS...

CVSS 6.5 | AI score 6.1 | EPSS 0.00976
Exploits: 0 | References: 3
OSV
added 2021/02/08 11:15 a.m. | 2 views

UBUNTU-CVE-2021-21435

Article Bcc fields and agent personal information are shown when a customer prints the ticket PDF via the external interface. This issue affects: OTRS AG OTRS 7.0.x version 7.0.23 and prior versions; 8.0.x version 8.0.10 and prior versions...

CVSS 6.5 | AI score 5.8 | EPSS 0.01273
Exploits: 0 | References: 3