DEBIAN-CVE-2019-10066

An issue was discovered in Open Ticket Request System OTRS 7.x through 7.0.6, Community Edition 6.0.x through 6.0.17, and OTRSAppointmentCalendar 5.0.x through 5.0.12. An attacker who is logged into OTRS as an agent with appropriate permissions may create a carefully crafted calendar appointment ...

UBUNTU-CVE-2019-10067

An issue was discovered in Open Ticket Request System OTRS 7.x through 7.0.6 and Community Edition 5.0.x through 5.0.35 and 6.0.x through 6.0.17. An attacker who is logged into OTRS as an agent user with appropriate permissions may manipulate the URL to cause execution of JavaScript in the contex...

Design/Logic Flaw

An issue was discovered in Open Ticket Request System OTRS 7.x through 7.0.6 and Community Edition 5.0.x through 5.0.35 and 6.0.x through 6.0.17. An attacker who is logged into OTRS as an agent user with appropriate permissions may manipulate the URL to cause execution of JavaScript in the contex...

CVE-2019-10066

An issue was discovered in Open Ticket Request System OTRS 7.x through 7.0.6, Community Edition 6.0.x through 6.0.17, and OTRSAppointmentCalendar 5.0.x through 5.0.12. An attacker who is logged into OTRS as an agent with appropriate permissions may create a carefully crafted calendar appointment ...

CVE-2019-10066

An issue was discovered in Open Ticket Request System OTRS 7.x through 7.0.6, Community Edition 6.0.x through 6.0.17, and OTRSAppointmentCalendar 5.0.x through 5.0.12. An attacker who is logged into OTRS as an agent with appropriate permissions may create a carefully crafted calendar appointment ...

Debian: Security Advisory (DLA-1774-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

PT-2019-19923 · Otrs +2 · Otrs +2

Name of the Vulnerable Software and Affected Versions: Open Ticket Request System OTRS versions 5.x through 5.0.34 Open Ticket Request System OTRS versions 6.x through 6.0.17 Open Ticket Request System OTRS versions 7.x through 7.0.6 Description: An issue was discovered in Open Ticket Request...

Open Ticket Request System (OTRS) cross-site scripting vulnerability (CNVD-2019-12687)

Open Ticket Request System OTRS is an open source defect tracking and management system software from the German OTRS Group. The software categorizes service requests submitted through various channels such as phone calls, emails, etc. into different queues and service levels, and the service...

DEBIAN-CVE-2019-9752

An issue was discovered in Open Ticket Request System OTRS 5.x before 5.0.34, 6.x before 6.0.16, and 7.x before 7.0.4. An attacker who is logged into OTRS as an agent or a customer user may upload a carefully crafted resource in order to cause execution of JavaScript in the context of OTRS. This ...

Design/Logic Flaw

An issue was discovered in Open Ticket Request System OTRS 6.x before 6.0.17 and 7.x before 7.0.5. An attacker who is logged into OTRS as an admin user may manipulate the URL to cause execution of JavaScript in the context of OTRS. This is related to Kernel/Output/Template/Document.pm...

CVE-2018-20800

OTRS CVE-2018-20800 affects Open Ticket Request System versions 5.0.31 and 6.0.13. Upgrading to 6.0.13 (or 5.0.31 in some patch paths) may cause data loss in the agent preferences table. The provided documents do not include a concrete root cause analysis or a vendor patch/mitigation, and while m...

CVE-2019-9751

The CVE-2019-9751 vulnerability affects Open Ticket Request System (OTRS). Affects OTRS 6.x prior to version 6.0.17 and 7.x prior to 7.0.5. The issue arises from Kernel/Output/Template/Document.pm, where an admin-user can manipulate the URL to cause JavaScript execution in the OTRS context. Impac...

Open Ticket Request System Cross-Site Scripting Vulnerability (CNVD-2019-09606)

Open Ticket Request System OTRS is an open source defect tracking and management system software. A cross-site scripting vulnerability exists in OTRS version 6.0.x prior to 6.0.13, which can be exploited by remote attackers to execute JavaScript code via URL manipulation...

Open Ticket Request System (OTRS) File Deletion Vulnerability

Open Ticket Request System OTRS is an open source defect tracking and management system software. Open Ticket Request System OTRS suffers from a file deletion vulnerability that can be exploited by an attacker to delete files through manipulation of submission forms...

UBUNTU-CVE-2018-19142

Open Ticket Request System OTRS 6.0.x before 6.0.13 allows an admin to conduct an XSS attack via a modified URL...

CVE-2018-19142

Open Ticket Request System OTRS 6.0.x before 6.0.13 allows an admin to conduct an XSS attack via a modified URL...

DEBIAN-CVE-2018-19142

Open Ticket Request System OTRS 6.0.x before 6.0.13 allows an admin to conduct an XSS attack via a modified URL...

Open redirect

In Open Ticket Request System OTRS 4.0.x before 4.0.32, 5.0.x before 5.0.30, and 6.0.x before 6.0.11, an attacker could send a malicious email to an OTRS system. If a logged in user opens it, the email could cause the browser to load external image or CSS resources...

Open Ticket Request System Arbitrary File Deletion Vulnerability

Open Ticket Request System OTRS is an open source defect tracking and management system software from the German OTRS Group. The software categorizes service requests submitted through various channels such as phone calls, emails, etc. into different queues and service levels, and the service...

Open Ticket Request System Elevation of Privilege Vulnerability

Open Ticket Request System OTRS is an open source defect tracking and management system software from the German OTRS Group. The software categorizes service requests submitted through various channels such as phone calls, emails, etc. into different queues and service levels, and the service...