CVE-2010-4766

The AgentTicketForward feature in Open Ticket Request System OTRS before 2.4.7 does not properly remove inline images from HTML e-mail messages, which allows remote attackers to obtain potentially sensitive image information in opportunistic circumstances by reading a forwarded message in a...

OTRS 跨站脚本漏洞

OTRS is a service management software application from OTRS Germany. OTRS AG OTRS has a security vulnerability that originates from a request that can be generated for the appointment editing screen. An attacker could exploit the vulnerability to cause an XSS attack...

OTRS Information Disclosure Vulnerability (CNVD-2020-22202)

Open-source Ticket Request System OTRS is an open-source defect tracking and management system software from the German OTRS Group. The software categorizes service requests submitted through various channels such as phone calls, emails, etc. into different queues and service levels, and the...

CVE-2020-1766

Due to improper handling of uploaded images it is possible in very unlikely and rare conditions to force the agents browser to execute malicious javascript from a special crafted SVG file rendered as inline jpg file. This issue affects: OTRS Community Edition 5.0.x version 5.0.39 and prior...