6 matches found
CVE-2024-43442 Stored XSS in System Configuration
Improper Neutralization of Input done by an attacker with admin privileges 'Cross-site Scripting' in OTRS System Configuration modules and OTRS Community Edition allows Cross-Site Scripting XSS within the System Configuration targeting other admins. This issue affects: OTRS from 7.0.X through...
Input validation
Improper Neutralization of commands allowed to be executed via OTRS System Configuration e.g. SchedulerCronTaskModule using UnitTests modules allows any authenticated attacker with admin privileges local execution of Code.This issue affects OTRS: from 7.0.X before 7.0.45, from 8.0.X before 8.0.35...
CVE-2021-36100
Specially crafted string in OTRS system configuration can allow the execution of any system command...
CVE-2021-36100
Specially crafted string in OTRS system configuration can allow the execution of any system command...
CVE-2021-36100
Specially crafted string in OTRS system configuration can allow the execution of any system command...
CVE-2021-36100
Specially crafted string in OTRS system configuration can allow the execution of any system command...