20 matches found
EUVD-2021-22723
Malware in sbrugna...
EUVD-2021-22724
Malware in sbrugna...
EUVD-2020-12598
Malware in sbrugna...
EUVD-2020-12594
Malware in sbrugna...
EUVD-2020-12600
Malware in sbrugna...
EUVD-2021-8712
Malicious code in bioql PyPI...
EUVD-2021-8715
Malicious code in bioql PyPI...
EUVD-2021-8709
Malicious code in bioql PyPI...
Linux Distros Unpatched Vulnerability : CVE-2021-21436
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Agents are able to see and link Config Items without permissions, which are defined in General Catalog. This issue affects: OTRS AG OTRSCIsInCustomerFrontend...
CVE-2024-23791
Insertion of debug information into log file during building the elastic search index allows reading of sensitive information from articles.This issue affects OTRS: from 7.0.X through 7.0.48, from 8.0.X through 8.0.37, from 2023.X through 2023.1.1...
CVE-2023-5421
An attacker who is logged into OTRS as an user with privileges to create and change customer user data may manipulate the CustomerID field to execute JavaScript code that runs immediatly after the data is saved.The issue onlyoccurs if the configuration for AdminCustomerUser::UseAutoComplete was...
SUSE CVE-2021-21440
Generated Support Bundles contains private S/MIME and PGP keys if containing folder is not hidden. This issue affects: OTRS AG OTRS Community Edition 6.0.x version 6.0.1 and later versions. OTRS AG OTRS 7.0.x version 7.0.27 and prior versions; 8.0.x version 8.0.14 and prior versions...
OTRS 安全漏洞
OTRS is an application from the German company OTRS. A service management software. A security vulnerability exists in OTRS version 7.0.x prior to 7.0.37, and OTRS version 8.0.x prior to 8.0.25, which stems from the possibility that an attacker could execute malicious Perl code in the template...
PT-2022-27161 · Otrs +2 · Otrs +3
Name of the Vulnerable Software and Affected Versions: OTRS versions 7.0.1 through 7.0.40 Patch 1 OTRS versions 8.0.1 through 8.0.28 Patch 1 OTRS Community Edition versions 6.0.1 through 6.0.34 Description: The issue is related to an Improper Input Validation vulnerability that allows SQL Injecti...
CVE-2021-36095
Malicious attacker is able to find out valid user logins by using the "lost password" feature. This issue affects: OTRS AG OTRS Community Edition version 6.0.1 and later versions. OTRS AG OTRS 7.0.x version 7.0.28 and prior versions...
UBUNTU-CVE-2021-36092
It's possible to create an email which contains specially crafted link and it can be used to perform XSS attack. This issue affects: OTRS AG OTRS Community Edition:6.0.x version 6.0.1 and later versions. OTRS AG OTRS: 7.0.x version 7.0.27 and prior versions; 8.0.x version 8.0.14 and prior version...
DEBIAN-CVE-2021-21441
There is a XSS vulnerability in the ticket overview screens. It's possible to collect various information by having an e-mail shown in the overview screen. Attack can be performed by sending specially crafted e-mail to the system and it doesn't require any user intraction. This issue affects: OTR...
Design/Logic Flaw
Agents are able to see linked FAQ articles without permissions defined in FAQ Category. This issue affects: FAQ version 6.0.29 and prior versions, OTRS version 7.0.24 and prior versions...
CVE-2020-1773
An attacker with the ability to generate session IDs or password reset tokens, either by being able to authenticate or by exploiting OSA-2020-09, may be able to predict other users session IDs, password reset tokens and automatically generated passwords. This issue affects OTRS Community Edition:...
UBUNTU-CVE-2017-9299
Open Ticket Request System OTRS 3.3.9 has XSS in index.pl?Action=AgentStats requests, as demonstrated by OrderBy=XSS and Direction=XSS attacks. NOTE: this CVE may have limited relevance because it represents a 2017 discovery of an issue in software from 2014. The 3.3.20 release, for example, is n...