When adding attachments to ticket comments, another user can add attachments as well impersonating the orginal user. The attack requires a logged-in other user to know the UUID. While the legitimate user completes the comment, the malicious user can add more files to the comment. This issue affects OTRS: from 7.0.X through 7.0.48, from 8.0.X through 8.0.37, from 2023.X through 2023.1.1.
Max CVSS
6.5
EPSS Score
0.05%
Published
2024-01-29
Updated
2024-02-02
Insertion of debug information into log file during building the elastic search index allows reading of sensitive information from articles.This issue affects OTRS: from 7.0.X through 7.0.48, from 8.0.X through 8.0.37, from 2023.X through 2023.1.1.
Max CVSS
7.5
EPSS Score
0.09%
Published
2024-01-29
Updated
2024-02-02
Improper Input Validation vulnerability in the upload functionality for user avatars allows functionality misuse due to missing check of filetypes. This issue affects OTRS: from 7.0.X through 7.0.48, from 8.0.X through 8.0.37, from 2023 through 2023.1.1.
Max CVSS
9.8
EPSS Score
0.12%
Published
2024-01-29
Updated
2024-02-02
Improper Input Validation vulnerability in the ContentType parameter for attachments on TicketCreate or TicketUpdate operations of the OTRS Generic Interface modules allows any authenticated attacker to to perform an host header injection for the ContentType header of the attachment.  This issue affects OTRS: from 7.0.X before 7.0.45, from 8.0.X before 8.0.35; ((OTRS)) Community Edition: from 6.0.1 through 6.0.34.
Max CVSS
8.8
EPSS Score
0.05%
Published
2023-07-24
Updated
2023-08-31
The loading of external images is not blocked, even if configured, if the attacker uses protocol-relative URL in the payload. This can be used to retreive the IP of the user.This issue affects OTRS: from 7.0.X before 7.0.47, from 8.0.X before 8.0.37; ((OTRS)) Community Edition: from 6.0.X through 6.0.34.
Max CVSS
5.3
EPSS Score
0.05%
Published
2023-10-16
Updated
2023-10-19
An improper privilege check in the OTRS ticket move action in the agent interface allows any as agent authenticated attacker to to perform a move of an ticket without the needed permission. This issue affects OTRS: from 8.0.X before 8.0.35.
Max CVSS
4.3
EPSS Score
0.05%
Published
2023-07-24
Updated
2023-08-01
Improper Neutralization of commands allowed to be executed via OTRS System Configuration e.g. SchedulerCronTaskModule using UnitTests modules allows any authenticated attacker with admin privileges local execution of Code.This issue affects OTRS: from 7.0.X before 7.0.45, from 8.0.X before 8.0.35; ((OTRS)) Community Edition: from 6.0.1 through 6.0.34.
Max CVSS
7.2
EPSS Score
0.05%
Published
2023-07-24
Updated
2023-08-01
A Vulnerability in OTRS AgentInterface and ExternalInterface allows the reading of plain text passwords which are send back to the client in the server response- This issue affects OTRS: from 8.0.X through 8.0.37.
Max CVSS
8.1
EPSS Score
0.09%
Published
2023-11-27
Updated
2023-12-01
The functions to fetch e-mail via POP3 or IMAP as well as sending e-mail via SMTP use OpenSSL for static SSL or TLS based communication. As the SSL_get_verify_result() function is not used the certificated is trusted always and it can not be ensured that the certificate satisfies all necessary security requirements. This could allow an attacker to use an invalid certificate to claim to be a trusted host, use expired certificates, or conduct other attacks that could be detected if the certificate is properly validated. This issue affects OTRS: from 7.0.X before 7.0.47, from 8.0.X before 8.0.37; ((OTRS)) Community Edition: from 6.0.X through 6.0.34.
Max CVSS
9.1
EPSS Score
0.06%
Published
2023-10-16
Updated
2023-10-20
An attacker who is logged into OTRS as an user with privileges to create and change customer user data may manipulate the CustomerID field to execute JavaScript code that runs immediatly after the data is saved.The issue onlyoccurs if the configuration for AdminCustomerUser::UseAutoComplete was changed before. This issue affects OTRS: from 7.0.X before 7.0.47, from 8.0.X before 8.0.37; ((OTRS)) Community Edition: from 6.0.X through 6.0.34.
Max CVSS
5.5
EPSS Score
0.05%
Published
2023-10-16
Updated
2023-10-19
Improper Authorization vulnerability in OTRS AG OTRS 8 (Websocket API backend) allows any as Agent authenticated attacker to track user behaviour and to gain live insight into overall system usage. User IDs can easily be correlated with real names e. g. via ticket histories by any user. (Fuzzing for garnering other adjacent user/sensitive data). Subscribing to all possible push events could also lead to performance implications on the server side, depending on the size of the installation and the number of active users. (Flooding)This issue affects OTRS: from 8.0.X before 8.0.32.
Max CVSS
8.1
EPSS Score
0.05%
Published
2023-05-08
Updated
2023-05-16
Improper Input Validation vulnerability in OTRS AG OTRS (ACL modules), OTRS AG ((OTRS)) Community Edition (ACL modules) allows Local Execution of Code. When creating/importing an ACL it was possible to inject code that gets executed via manipulated comments and ACL-names This issue affects OTRS: from 7.0.X before 7.0.42, from 8.0.X before 8.0.31; ((OTRS)) Community Edition: from 6.0.1 through 6.0.34.
Max CVSS
7.8
EPSS Score
0.04%
Published
2023-03-20
Updated
2023-03-24
Improper Input Validation vulnerability in OTRS AG OTRS (Ticket Actions modules), OTRS AG ((OTRS)) Community Edition (Ticket Actions modules) allows Cross-Site Scripting (XSS).This issue affects OTRS: from 7.0.X before 7.0.42; ((OTRS)) Community Edition: from 6.0.1 through 6.0.34.
Max CVSS
6.1
EPSS Score
0.05%
Published
2023-03-20
Updated
2023-03-24
An external attacker is able to send a specially crafted email (with many recipients) and trigger a potential DoS of the system
Max CVSS
7.5
EPSS Score
0.08%
Published
2022-10-17
Updated
2022-10-20
Attacker might be able to execute malicious Perl code in the Template toolkit, by having the admin installing an unverified 3th party package
Max CVSS
8.8
EPSS Score
0.19%
Published
2022-09-05
Updated
2022-10-01
An attacker who is logged into OTRS as an admin user may manipulate customer URL field to store JavaScript code to be run later by any other agent when clicking the customer URL link. Then the stored JavaScript is executed in the context of OTRS. The same issue applies for the usage of external data sources e.g. database or ldap
Max CVSS
4.8
EPSS Score
0.05%
Published
2022-09-05
Updated
2022-09-08
An attacker who is logged into OTRS as an admin user may manipulate the URL to cause execution of JavaScript in the context of OTRS.
Max CVSS
4.8
EPSS Score
0.08%
Published
2022-09-05
Updated
2022-09-08
Attacker is able to determine if the provided username exists (and it's valid) using Request New Password feature, based on the response time.
Max CVSS
5.3
EPSS Score
0.07%
Published
2022-06-13
Updated
2022-06-22
A reply to a forwarded email article by a 3rd party could unintensionally expose the email content to the ticket customer under certain circumstances.
Max CVSS
5.3
EPSS Score
0.07%
Published
2022-06-13
Updated
2022-06-22
When Secure::DisableBanner system configuration has been disabled and agent shares his calendar via public URL, received ICS file contains OTRS release number.
Max CVSS
5.3
EPSS Score
0.07%
Published
2022-06-13
Updated
2022-06-22
Improper Input Validation vulnerability in OTRS AG OTRS, OTRS AG ((OTRS)) Community Edition allows SQL Injection via TicketSearch Webservice This issue affects OTRS: from 7.0.1 before 7.0.40 Patch 1, from 8.0.1 before 8.0.28 Patch 1; ((OTRS)) Community Edition: from 6.0.1 through 6.0.34.
Max CVSS
9.8
EPSS Score
0.13%
Published
2022-12-19
Updated
2023-08-31
Article template contents with sensitive data could be accessed from agents without permissions.
Max CVSS
7.5
EPSS Score
0.16%
Published
2022-10-17
Updated
2022-10-20
Accounted time is shown in the Ticket Detail View (External Interface), even if ExternalFrontend::TicketDetailView###AccountedTimeDisplay is disabled.
Max CVSS
4.3
EPSS Score
0.05%
Published
2022-03-21
Updated
2022-03-28
Malicious translator is able to inject JavaScript code in few translatable strings (where HTML is allowed). The code could be executed in the Package manager. This issue affects: OTRS AG OTRS 7.0.x version: 7.0.32 and prior versions, 8.0.x version: 8.0.19 and prior versions.
Max CVSS
5.4
EPSS Score
0.05%
Published
2022-03-21
Updated
2022-03-28
OTRS administrators can configure dynamic field and inject malicious JavaScript code in the error message of the regular expression check. When used in the agent interface, malicious code might be exectued in the browser. This issue affects: OTRS AG OTRS 7.0.x version: 7.0.31 and prior versions.
Max CVSS
4.8
EPSS Score
0.05%
Published
2022-02-07
Updated
2022-02-14
131 vulnerabilities found
1 2 3 4 5 6
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!