Filter

Software

otrs
146
otrs otrs itsm
8
otrs open ticket request system
6
otrs otrs
3
otrs otrs help desk
2
otrs calendar resource planning
1
otrs cis in customer frontend
1
otrs custom contact fields
1
otrs faq
1
otrs iphonehandle
1
otrs itsmconfigurationmanagement
1
otrs otrs storm
1
otrs otrscisincustomerfrontend
1

OTRSHost header injection by attachments in web service

high
8.8
First published (updated )
CVE-2023-38060

OTRSSQL Injection via OTRS Search API

critical
9.8
First published (updated )
CVE-2022-4427

OTRSSMTP Password will be shown in cleartext on some SMTP errors

medium
6.3
EPSS
0.04%
First published (updated )
CVE-2025-24389

OTRSImproper check of permissions in Generic Interface

low
3.5
First published (updated )
CVE-2024-43446

OTRSMissing X-Content-Type-Options: nosniff Header Allows MIME Type Sniffing

medium
5.4
First published (updated )
CVE-2024-43445

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

OTRSMissing Cookie Flags

medium
6.8
EPSS
0.04%
First published (updated )
CVE-2025-24390

OTRSXSS

medium
6.1
First published (updated )
CVE-2018-17883

OTRSInformation disclouse and DoS via websocket push events

high
8.1
First published (updated )
CVE-2023-2534

OTRSPossible XSS execution in customer information

medium
5.5
First published (updated )
CVE-2023-5421

OTRSSSL Certificates are not checked for E-Mail Handling

critical
9.1
First published (updated )
CVE-2023-5422

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

OTRSXSS

medium
4.8
First published (updated )
CVE-2019-9751

OTRSXSS

medium
5.4
First published (updated )
CVE-2019-9752

OTRSInsufficient access control

medium
6.5
EPSS
0.05%
First published (updated )
CVE-2024-23792

OTRSCode execution via System Configuration

high
7.2
First published (updated )
CVE-2023-38056

OTRSTickets can be moved without permissions

medium
4.3
First published (updated )
CVE-2023-38058

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

OTRSXSS stored in survey answers

medium
5.4
First published (updated )
CVE-2023-38057

OTRSPassword is send back to client

high
8.1
EPSS
0.09%
First published (updated )
CVE-2023-6254

Otrs Cis In Customer FrontendAgent is able to link customer's Config Items without permission

medium
4.3
First published (updated )
CVE-2021-21436

OTRSXSS in Survey Module

medium
4.8
First published (updated )
CVE-2021-21434

OTRSPossible XSS in Customer user address book

medium
5.4
First published (updated )
CVE-2020-1771

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

OTRSXSS attack using special link in email

medium
6.5
First published (updated )
CVE-2021-36092

OTRSInformation disclosure in the External Interface

medium
4.3
First published (updated )
CVE-2022-1004

OTRSPossible XSS attack via translation

medium
5.4
First published (updated )
CVE-2022-0475

OTRSAuthenticated remote code execution

critical
9
First published (updated )
CVE-2021-36100

OTRSFAQ articles are shown to users without permission

medium
4.3
First published (updated )
CVE-2021-21438

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

OTRSAutocomplete in the form login screens

medium
4.3
First published (updated )
CVE-2020-1769

OTRSThe CustomerInterface component in Open Ticket Request System (OTRS) before 2.2.8 allows remote auth…

medium
6.5
First published (updated )
CVE-2008-7279

OTRSAgent names disclosed in chat feature

medium
5.3
First published (updated )
CVE-2020-1777

OTRSInvalidating or changing user does not invalidate session

medium
4.3
First published (updated )
CVE-2020-1776

OTRSImproper handling of uploaded inline images

medium
6.1
First published (updated )
CVE-2020-1766

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2025 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203