Filter
AND

OTRSInformation disclouse and DoS via websocket push events

high
8.1
First published (updated )
CVE-2023-2534

OTRSPossible XSS execution in customer information

medium
5.5
First published (updated )
CVE-2023-5421

OTRSSSL Certificates are not checked for E-Mail Handling

critical
9.1
First published (updated )
CVE-2023-5422

OTRSInsufficient access control

medium
6.5
EPSS
0.05%
First published (updated )
CVE-2024-23792

OTRSCode execution via System Configuration

high
7.2
First published (updated )
CVE-2023-38056

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

OTRSHost header injection by attachments in web service

high
8.8
First published (updated )
CVE-2023-38060

OTRSTickets can be moved without permissions

medium
4.3
First published (updated )
CVE-2023-38058

OTRSXSS stored in survey answers

medium
5.4
First published (updated )
CVE-2023-38057

OTRSXSS attack using special link in email

medium
6.5
First published (updated )
CVE-2021-36092

OTRSInformation disclosure in the External Interface

medium
4.3
First published (updated )
CVE-2022-1004

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

OTRSPossible XSS attack via translation

medium
5.4
First published (updated )
CVE-2022-0475

OTRSAuthenticated remote code execution

critical
9
First published (updated )
CVE-2021-36100

OTRSAgent names disclosed in chat feature

medium
5.3
First published (updated )
CVE-2020-1777

OTRSAgents are able to lock the ticket without the "Owner" permission

medium
4.3
First published (updated )
CVE-2021-36097

OTRSInformation exposure in PDF export

medium
6.5
First published (updated )
CVE-2021-21435

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

OTRSInformation disclosure in external interface

medium
4.3
First published (updated )
CVE-2020-1775

OTRSDoS attack using PostMaster filters

medium
5.3
First published (updated )
CVE-2021-36093

OTRSPossible DoS attack using a special crafted URL in email body

medium
6.5
First published (updated )
CVE-2021-21439

OTRSSupport Bundle includes S/Mime and PGP keys

medium
6.5
First published (updated )
CVE-2021-21440

OTRSPerl Code execution in Template Toolkit

high
8.8
First published (updated )
CVE-2022-39051

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

OTRSDynamic templates reveal sensitive data when OTRS tags are used

medium
4.9
First published (updated )
CVE-2020-1779

OTRSInformation disclosure in Request New Password feature

medium
5.3
First published (updated )
CVE-2022-32741

OTRSSupport Bundle includes S/Mime and PGP secret or PIN

medium
5.2
First published (updated )
CVE-2021-36096

OTRSPossible XSS stored in customer information

medium
4.8
First published (updated )
CVE-2022-39050

OTRSPossible XSS in Admin Interface

medium
4.8
First published (updated )
CVE-2022-39049

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

OTRSDoS attack using email

high
7.5
First published (updated )
CVE-2022-39052

OTRSInformation disclosure in the External Interface

medium
5.3
First published (updated )
CVE-2022-32740

Otrs Calendar Resource PlanningOTRS version number is always in the exported ICS files

medium
5.3
First published (updated )
CVE-2022-32739

OTRSInformation exposure of template content due to missing check of permissions

high
7.5
First published (updated )
CVE-2022-3501

OTRSCode execution through ACL creation

high
7.8
First published (updated )
CVE-2023-1250

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2025 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203