Latest medium severity vulnerabilities for "otrs" 8.0.0 - SecAlerts

Filter

AND

AND

Sort:

Recently updated

Recently published

OTRSPossible XSS execution in customer information

5.5

First published (updated )

OTRSInsufficient access control

6.5

EPSS

0.05%

First published (updated )

OTRSTickets can be moved without permissions

4.3

First published (updated )

OTRSXSS stored in survey answers

5.4

First published (updated )

OTRSXSS attack using special link in email

6.5

First published (updated )

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read More Start Free Trial

Example email

OTRSInformation disclosure in the External Interface

4.3

First published (updated )

OTRSPossible XSS attack via translation

5.4

First published (updated )

OTRSAgent names disclosed in chat feature

5.3

First published (updated )

OTRSAgents are able to lock the ticket without the "Owner" permission

4.3

First published (updated )

OTRSInformation exposure in PDF export

6.5

First published (updated )

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read More Start Free Trial

Example email

OTRSInformation disclosure in external interface

4.3

First published (updated )

OTRSDoS attack using PostMaster filters

5.3

First published (updated )

OTRSPossible DoS attack using a special crafted URL in email body

6.5

First published (updated )

OTRSSupport Bundle includes S/Mime and PGP keys

6.5

First published (updated )

OTRSDynamic templates reveal sensitive data when OTRS tags are used

4.9

First published (updated )

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read More Start Free Trial

Example email

OTRSInformation disclosure in Request New Password feature

5.3

First published (updated )

OTRSSupport Bundle includes S/Mime and PGP secret or PIN

5.2

First published (updated )

OTRSPossible XSS stored in customer information

4.8

First published (updated )

OTRSPossible XSS in Admin Interface

4.8

First published (updated )

OTRSInformation disclosure in the External Interface

5.3

First published (updated )

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read More Start Free Trial

Example email

Otrs Calendar Resource PlanningOTRS version number is always in the exported ICS files

5.3

First published (updated )

OTRSInformation exlosure in external interface

5.7

EPSS

0.05%

First published (updated )

OTRSInfoleak

5.3

First published (updated )

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co

By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.

© 2025 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203