Filters

Otrs OtrsMissing file type check in avatar picture upload

critical
9.8
EPSS
0.09%
First published (updated )
CVE-2024-23790

Otrs OtrsUnnecessary data is written to log if issues during indexing occurs

high
7.5
EPSS
0.09%
First published (updated )
CVE-2024-23791

Otrs OtrsInsufficient access control

medium
6.5
EPSS
0.05%
First published (updated )
CVE-2024-23792

Otrs OtrsInfoleak

medium
5.3
First published (updated )
CVE-2023-38059

Otrs OtrsPossible XSS execution in customer information

medium
5.5
First published (updated )
CVE-2023-5421

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

Otrs OtrsSSL Certificates are not checked for E-Mail Handling

critical
9.1
First published (updated )
CVE-2023-5422

Otrs OtrsHost header injection by attachments in web service

high
8.8
First published (updated )
CVE-2023-38060

OTRS SurveyXSS stored in survey answers

medium
5.4
First published (updated )
CVE-2023-38057

Otrs OtrsCode execution via System Configuration

high
7.2
First published (updated )
CVE-2023-38056

Otrs OtrsCode execution through ACL creation

high
7.8
First published (updated )
CVE-2023-1250

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

Otrs OtrsPossible XSS in Ticket Actions

medium
6.1
First published (updated )
CVE-2023-1248

Otrs OtrsDoS attack using email

high
7.5
First published (updated )
CVE-2022-39052

Otrs OtrsPerl Code execution in Template Toolkit

high
8.8
First published (updated )
CVE-2022-39051

Otrs OtrsPossible XSS stored in customer information

medium
4.8
First published (updated )
CVE-2022-39050

Otrs OtrsPossible XSS in Admin Interface

medium
4.8
First published (updated )
CVE-2022-39049

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

Otrs OtrsInformation disclosure in Request New Password feature

medium
5.3
First published (updated )
CVE-2022-32741

Otrs OtrsInformation disclosure in the External Interface

medium
5.3
First published (updated )
CVE-2022-32740

Otrs Calendar Resource PlanningOTRS version number is always in the exported ICS files

medium
5.3
First published (updated )
CVE-2022-32739

Otrs OtrsInformation disclosure in the External Interface

medium
4.3
First published (updated )
CVE-2022-1004

Otrs OtrsPossible XSS attack via translation

medium
5.4
First published (updated )
CVE-2022-0475

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

Otrs OtrsDynamic field error message is vulnerable to XSS

medium
4.8
First published (updated )
CVE-2022-0473

Otrs OtrsUser enumeration issue using "lost password" feature

medium
5.3
First published (updated )
CVE-2021-36095

Otrs OtrsDoS attack using PostMaster filters

medium
5.3
First published (updated )
CVE-2021-36093

Otrs OtrsXSS attack in appointment edit popup screen

medium
5.7
First published (updated )
CVE-2021-36094

Otrs OtrsSupport Bundle includes S/Mime and PGP secret or PIN

medium
5.2
First published (updated )
CVE-2021-36096

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

Otrs OtrsXSS attack using special link in email

medium
6.5
First published (updated )
CVE-2021-36092

Otrs OtrsUnautorized access to the calendar appointments

medium
4.3
First published (updated )
CVE-2021-36091

Otrs OtrsUnautorized listing of the customer user emails

medium
4.3
First published (updated )
CVE-2021-21443

Otrs OtrsSupport Bundle includes S/Mime and PGP keys

medium
6.5
First published (updated )
CVE-2021-21440

Otrs OtrsXSS in the ticket overview screens

high
7.5
First published (updated )
CVE-2021-21441

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

Otrs OtrsPossible DoS attack using a special crafted URL in email body

medium
6.5
First published (updated )
CVE-2021-21439

Otrs FaqFAQ articles are shown to users without permission

medium
4.3
First published (updated )
CVE-2021-21438

Otrs OtrsInformation exposure in PDF export

medium
6.5
First published (updated )
CVE-2021-21435

Otrs OtrsAgent names disclosed in chat feature

medium
5.3
First published (updated )
CVE-2020-1777

Otrs OtrsInvalidating or changing user does not invalidate session

medium
4.3
First published (updated )
CVE-2020-1776

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

Otrs OtrsInformation disclosure in external interface

medium
4.3
First published (updated )
CVE-2020-1775

Otrs OtrsInformation disclosure

medium
4.9
First published (updated )
CVE-2020-1774

Otrs OtrsSession / Password / Password token leak

high
8.1
First published (updated )
CVE-2020-1773

Otrs OtrsInformation Disclosure

high
7.5
First published (updated )
CVE-2020-1772

Otrs OtrsAutocomplete in the form login screens

medium
4.3
First published (updated )
CVE-2020-1769

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

Otrs OtrsPossible XSS in Customer user address book

medium
5.4
First published (updated )
CVE-2020-1771

Otrs OtrsInformation disclosure in support bundle files

medium
4.3
First published (updated )
CVE-2020-1770

Otrs OtrsXSS

medium
5.4
First published (updated )
CVE-2019-16375

Otrs OtrsInfoleak

medium
4.3
First published (updated )
CVE-2019-13457

Otrs OtrsAn issue was discovered in Open Ticket Request System (OTRS) 7.0 through 7.0.6. An attacker who is l…

medium
4.3
First published (updated )
CVE-2019-10065

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

Otrs OtrsExternal Interface does not invalidate session

medium
5.5
First published (updated )
CVE-2020-1768

Otrs OtrsImproper handling of uploaded inline images

medium
6.1
First published (updated )
CVE-2020-1766

Otrs OtrsSpoofing of From field in several screens

medium
5.3
First published (updated )
CVE-2020-1765

Otrs OtrsPossible to send drafted messages as wrong agent

medium
4.3
First published (updated )
CVE-2020-1767

Otrs OtrsAn issue was discovered in Open Ticket Request System (OTRS) 7.0.x through 7.0.12, and Community Edi…

medium
4.3
First published (updated )
CVE-2019-18179

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2024 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203