Lucene search
+L

353 matches found

Tenable Nessus
Tenable Nessus
added 2025/08/27 12:0 a.m.4 views

Linux Distros Unpatched Vulnerability : CVE-2019-16375

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in Open Ticket Request System OTRS 7.0.x through 7.0.11, and Community Edition 5.0.x through 5.0.37 and 6.0.x through 6.0.22. An attacke...

5.4CVSS5.8AI score0.01123EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2025/08/26 12:0 a.m.2 views

Linux Distros Unpatched Vulnerability : CVE-2019-9752

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in Open Ticket Request System OTRS 5.x before 5.0.34, 6.x before 6.0.16, and 7.x before 7.0.4. An attacker who is logged into OTRS as an...

5.4CVSS6.5AI score0.01054EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2025/08/25 12:0 a.m.3 views

Linux Distros Unpatched Vulnerability : CVE-2019-10066

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in Open Ticket Request System OTRS 7.x through 7.0.6, Community Edition 6.0.x through 6.0.17, and OTRSAppointmentCalendar 5.0.x through...

5.4CVSS5.8AI score0.00817EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2025/08/25 12:0 a.m.3 views

Linux Distros Unpatched Vulnerability : CVE-2017-9324

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In Open Ticket Request System OTRS 3.3.x through 3.3.16, 4.x through 4.0.23, and 5.x through 5.0.19, an attacker with agent permission is capable of opening a...

8.8CVSS7.8AI score0.02351EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2025/08/25 12:0 a.m.3 views

Linux Distros Unpatched Vulnerability : CVE-2017-16664

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Code injection exists in Kernel/System/Spelling.pm in Open Ticket Request System OTRS 5 before 5.0.24, 4 before 4.0.26, and 3.3 before 3.3.20. In the agent...

8.8CVSS7.8AI score0.02492EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2025/08/24 12:0 a.m.5 views

Linux Distros Unpatched Vulnerability : CVE-2018-14593

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in Open Ticket Request System OTRS 6.0.x through 6.0.9, 5.0.x through 5.0.28, and 4.0.x through 4.0.30. An attacker who is logged into...

8.8CVSS7.8AI score0.019EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2025/05/22 12:29 p.m.13 views

CVE-2010-4761

The customer-interface ticket-print dialog in Open Ticket Request System OTRS before 3.0.0-beta3 does not properly restrict customer-visible data, which allows remote authenticated users to obtain potentially sensitive information from the 1 responsible, 2 owner, 3 accounted time, 4 pending until...

4CVSS6.1AI score0.01289EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 10:33 a.m.9 views

CVE-2019-12746

An issue was discovered in Open Ticket Request System OTRS Community Edition 5.0.x through 5.0.36 and 6.0.x through 6.0.19. A user logged into OTRS as an agent might unknowingly disclose their session ID by sharing the link of an embedded ticket article with third parties. This identifier can be...

6.5CVSS6.7AI score0.02018EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 10:24 a.m.9 views

CVE-2019-10065

An issue was discovered in Open Ticket Request System OTRS 7.0 through 7.0.6. An attacker who is logged into OTRS as a customer user can use the search result screens to disclose information from internal FAQ articles, a different vulnerability than CVE-2019-9753...

4.3CVSS6.3AI score0.00887EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 10:23 a.m.11 views

CVE-2019-9751

An issue was discovered in Open Ticket Request System OTRS 6.x before 6.0.17 and 7.x before 7.0.5. An attacker who is logged into OTRS as an admin user may manipulate the URL to cause execution of JavaScript in the context of OTRS. This is related to Kernel/Output/Template/Document.pm...

4.8CVSS6.8AI score0.00812EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 10:5 a.m.6 views

CVE-2019-13457

An issue was discovered in Open Ticket Request System OTRS 7.0.x through 7.0.8. A customer user can use the search results to disclose information from their "company" tickets with the same CustomerID, even when the CustomerDisableCompanyTicketAccess setting is turned on...

4.3CVSS6.3AI score0.00907EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 6:28 a.m.10 views

CVE-2018-20800

An issue was discovered in Open Ticket Request System OTRS 5.0.31 and 6.0.13. Users updating to 6.0.13 also patchlevel updates or 5.0.31 only major updates will experience data loss in their agent preferences table...

6.5CVSS6.8AI score0.0099EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 4:26 a.m.7 views

CVE-2019-13458

An issue was discovered in Open Ticket Request System OTRS 7.0.x through 7.0.8, and Community Edition 5.0.x through 5.0.36 and 6.0.x through 6.0.19. An attacker who is logged into OTRS as an agent user with appropriate permissions can leverage OTRS notification tags in templates in order to...

6.5CVSS6.6AI score0.01707EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 3:17 a.m.10 views

CVE-2018-17883

An issue was discovered in Open Ticket Request System OTRS 6.0.x before 6.0.12. An attacker could send an e-mail message with a malicious link to an OTRS system or an agent. If a logged-in agent opens this link, it could cause the execution of JavaScript in the context of OTRS...

6.1CVSS6.8AI score0.00443EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 2:43 a.m.8 views

CVE-2018-11563

An issue was discovered in Open Ticket Request System OTRS 6.0.x through 6.0.7. A carefully constructed email could be used to inject and execute arbitrary stylesheet or JavaScript code in a logged in customer's browser in the context of the OTRS customer panel application...

4.9CVSS7.2AI score0.00816EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 1:21 a.m.5 views

CVE-2010-4768

Open Ticket Request System OTRS before 2.3.5 does not properly disable hidden permissions, which allows remote authenticated users to bypass intended queue access restrictions in opportunistic circumstances by visiting a ticket, related to a certain ordering of permission-set and permission-remov...

6CVSS6.6AI score0.00972EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/22 1:20 a.m.11 views

CVE-2010-4765

Race condition in the Kernel::System::Main::FileWrite method in Open Ticket Request System OTRS before 2.4.8 allows remote authenticated users to corrupt the TicketCounter.log data in opportunistic circumstances by creating tickets...

4.9CVSS6.5AI score0.00617EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 1:20 a.m.10 views

CVE-2010-4762

Cross-site scripting XSS vulnerability in the rich-text-editor component in Open Ticket Request System OTRS before 3.0.0-beta2 allows remote authenticated users to inject arbitrary web script or HTML by using the "source code" feature in the customer interface...

3.5CVSS5.5AI score0.01044EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 1:20 a.m.12 views

CVE-2010-4763

The ACL-customer-status Ticket Type setting in Open Ticket Request System OTRS before 3.0.0-beta1 does not restrict the ticket options after an AJAX reload, which allows remote authenticated users to bypass intended ACL restrictions on the 1 Status, 2 Service, and 3 Queue via selections...

6.5CVSS6.6AI score0.0157EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/22 1:20 a.m.9 views

CVE-2010-4760

Open Ticket Request System OTRS before 3.0.0-beta6 adds email-notification-ext articles to tickets during processing of event-based notifications, which allows remote authenticated users to obtain potentially sensitive information by reading a ticket...

3.5CVSS6.1AI score0.01172EPSS
Exploits0References1
Rows per page
Query Builder