OTRS AG OTRSCustomContactFields Information Disclosure Vulnerability

OTRS AG OTRSCustomContactFields is an OTRS custom contact fields plugin from OTRS Germany.An information disclosure vulnerability exists in OTRS AG OTRSCustomContactFields, which could be exploited by an attacker to obtain the full list of recipients in a contact field from a customer...

CVE-2022-0474

Full list of recipients from customer users in a contact field could be disclosed in notification emails event when the notification is set to be sent to each recipient individually. This issue affects: OTRS AG OTRSCustomContactFields 8.0.x version: 8.0.11 and prior versions...

CVE-2022-0474

CVE-2022-0474 affects OTRS AG OTRSCustomContactFields in OTRS 8.0.x (up to 8.0.11 and earlier). The vulnerability allows disclosure of the full recipient list from a customer contact field via notification emails, even when emails are sent to recipients individually. Impact is confidentiality lea...

CVE-2022-0474 Disclosure of mail addresses

Full list of recipients from customer users in a contact field could be disclosed in notification emails event when the notification is set to be sent to each recipient individually. This issue affects: OTRS AG OTRSCustomContactFields 8.0.x version: 8.0.11 and prior versions...