Filter

Software

otrs otrs
134
otrs otrs itsm
8
otrs open ticket request system
6
otrs faq
4
otrs otrs help desk
2
otrs survey
2
otrs calendar resource planning
1
otrs cis in customer frontend
1
otrs custom contact fields
1
otrs iphonehandle
1
otrs itsmconfigurationmanagement
1
otrs otrs storm
1
otrs otrscisincustomerfrontend
1
otrs ticket forms
1
otrs time accounting
1

Otrs OtrsAgents are able to lock the ticket without the "Owner" permission

high
7.5
First published (updated )
CVE-2024-23794

Otrs OtrsInformation exlosure in external interface

medium
5.7
EPSS
0.05%
First published (updated )
CVE-2024-6540

Otrs OtrsMissing file type check in avatar picture upload

critical
9.8
EPSS
0.09%
First published (updated )
CVE-2024-23790

Otrs OtrsUnnecessary data is written to log if issues during indexing occurs

high
7.5
EPSS
0.09%
First published (updated )
CVE-2024-23791

Otrs OtrsInsufficient access control

medium
6.5
EPSS
0.05%
First published (updated )
CVE-2024-23792

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

Otrs OtrsPassword is send back to client

high
8.1
EPSS
0.09%
First published (updated )
CVE-2023-6254

Otrs OtrsInfoleak

medium
5.3
First published (updated )
CVE-2023-38059

Otrs OtrsPossible XSS execution in customer information

medium
5.5
First published (updated )
CVE-2023-5421

Otrs OtrsSSL Certificates are not checked for E-Mail Handling

critical
9.1
First published (updated )
CVE-2023-5422

Otrs OtrsHost header injection by attachments in web service

high
8.8
First published (updated )
CVE-2023-38060

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

Otrs OtrsTickets can be moved without permissions

medium
4.3
First published (updated )
CVE-2023-38058

OTRS SurveyXSS stored in survey answers

medium
5.4
First published (updated )
CVE-2023-38057

Otrs OtrsCode execution via System Configuration

high
7.2
First published (updated )
CVE-2023-38056

Otrs OtrsInformation disclouse and DoS via websocket push events

high
8.1
First published (updated )
CVE-2023-2534

Otrs OtrsXSS

medium
6.1
First published (updated )
CVE-2018-17883

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

Otrs OtrsCode execution through ACL creation

high
7.8
First published (updated )
CVE-2023-1250

Otrs OtrsPossible XSS in Ticket Actions

medium
6.1
First published (updated )
CVE-2023-1248

Otrs OtrsSQL Injection via OTRS Search API

critical
9.8
First published (updated )
CVE-2022-4427

Otrs OtrsInformation exposure of template content due to missing check of permissions

high
7.5
First published (updated )
CVE-2022-3501

Otrs OtrsDoS attack using email

high
7.5
First published (updated )
CVE-2022-39052

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

Otrs OtrsPerl Code execution in Template Toolkit

high
8.8
First published (updated )
CVE-2022-39051

Otrs OtrsPossible XSS stored in customer information

medium
4.8
First published (updated )
CVE-2022-39050

Otrs OtrsPossible XSS in Admin Interface

medium
4.8
First published (updated )
CVE-2022-39049

Otrs OtrsInformation disclosure in Request New Password feature

medium
5.3
First published (updated )
CVE-2022-32741

Otrs OtrsInformation disclosure in the External Interface

medium
5.3
First published (updated )
CVE-2022-32740

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

Otrs Calendar Resource PlanningOTRS version number is always in the exported ICS files

medium
5.3
First published (updated )
CVE-2022-32739

Otrs OtrsInformation disclosure in the External Interface

medium
4.3
First published (updated )
CVE-2022-1004

Otrs OtrsPossible XSS attack via translation

medium
5.4
First published (updated )
CVE-2022-0475

Otrs OtrsAuthenticated remote code execution

critical
9
First published (updated )
CVE-2021-36100

Otrs Custom Contact FieldsDisclosure of mail addresses

low
3.5
First published (updated )
CVE-2022-0474

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2024 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203