Filter
AND

OTRSMissing file type check in avatar picture upload

critical
9.8
EPSS
0.09%
First published (updated )
CVE-2024-23790

OTRSSSL Certificates are not checked for E-Mail Handling

critical
9.1
First published (updated )
CVE-2023-5422

OTRSHost header injection by attachments in web service

high
8.8
First published (updated )
CVE-2023-38060

OTRSPerl Code execution in Template Toolkit

high
8.8
First published (updated )
CVE-2022-39051

OTRSSession / Password / Password token leak

high
8.1
First published (updated )
CVE-2020-1773

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

OTRSCode execution through ACL creation

high
7.8
First published (updated )
CVE-2023-1250

OTRSUnnecessary data is written to log if issues during indexing occurs

high
7.5
EPSS
0.09%
First published (updated )
CVE-2024-23791

OTRSXSS in the ticket overview screens

high
7.5
First published (updated )
CVE-2021-21441

OTRSDenial of service

high
7.5
First published (updated )
CVE-2019-18180

OTRSInformation Disclosure

high
7.5
First published (updated )
CVE-2020-1772

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

OTRSDoS attack using email

high
7.5
First published (updated )
CVE-2022-39052

OTRSCode execution via System Configuration

high
7.2
First published (updated )
CVE-2023-38056

OTRSInsufficient access control

medium
6.5
EPSS
0.05%
First published (updated )
CVE-2024-23792

OTRSPossible DoS attack using a special crafted URL in email body

medium
6.5
First published (updated )
CVE-2021-21439

OTRSSupport Bundle includes S/Mime and PGP keys

medium
6.5
First published (updated )
CVE-2021-21440

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

OTRSAn issue was discovered in Open Ticket Request System (OTRS) 7.0.x through 7.0.8, and Community Edit…

medium
6.5
First published (updated )
CVE-2019-13458

OTRSInformation exposure in PDF export

medium
6.5
First published (updated )
CVE-2021-21435

OTRSXSS attack using special link in email

medium
6.5
First published (updated )
CVE-2021-36092

OTRSAn issue was discovered in Open Ticket Request System (OTRS) 5.x through 5.0.34, 6.x through 6.0.17,…

medium
6.5
First published (updated )
CVE-2019-9892

OTRSImproper handling of uploaded inline images

medium
6.1
First published (updated )
CVE-2020-1766

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

OTRSPossible XSS in Ticket Actions

medium
6.1
First published (updated )
CVE-2023-1248

OTRSXSS attack in appointment edit popup screen

medium
5.7
First published (updated )
CVE-2021-36094

OTRSPossible XSS execution in customer information

medium
5.5
First published (updated )
CVE-2023-5421

OTRSExternal Interface does not invalidate session

medium
5.5
First published (updated )
CVE-2020-1768

OTRSXSS

medium
5.4
First published (updated )
CVE-2019-16375

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

OTRSPossible XSS in Customer user address book

medium
5.4
First published (updated )
CVE-2020-1771

OTRS Time AccountingXSS vulnerability in Time Accounting

medium
5.4
First published (updated )
CVE-2021-21442

OTRSXSS

medium
5.4
First published (updated )
CVE-2019-10067

OTRSXSS

medium
5.4
First published (updated )
CVE-2019-10066

OTRSXSS

medium
5.4
First published (updated )
CVE-2019-9752

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2025 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203