Otrs

Otrs

138 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
6.5

CVE-2019-12746

  • EPSS 0.54%
  • Veröffentlicht 21.08.2019 14:15:10
  • Zuletzt bearbeitet 21.11.2024 04:23:29

An issue was discovered in Open Ticket Request System (OTRS) Community Edition 5.0.x through 5.0.36 and 6.0.x through 6.0.19. A user logged into OTRS as an agent might unknowingly disclose their session ID by sharing the link of an embedded ticket ar...

6.5

CVE-2019-13458

  • EPSS 0.38%
  • Veröffentlicht 21.08.2019 14:15:10
  • Zuletzt bearbeitet 21.11.2024 04:24:56

An issue was discovered in Open Ticket Request System (OTRS) 7.0.x through 7.0.8, and Community Edition 5.0.x through 5.0.36 and 6.0.x through 6.0.19. An attacker who is logged into OTRS as an agent user with appropriate permissions can leverage OTRS...

4.9

CVE-2018-11563

  • EPSS 0.31%
  • Veröffentlicht 08.07.2019 13:15:10
  • Zuletzt bearbeitet 21.11.2024 03:43:37

An issue was discovered in Open Ticket Request System (OTRS) 6.0.x through 6.0.7. A carefully constructed email could be used to inject and execute arbitrary stylesheet or JavaScript code in a logged in customer's browser in the context of the OTRS c...

4.3

CVE-2019-12248

  • EPSS 0.68%
  • Veröffentlicht 17.06.2019 18:15:10
  • Zuletzt bearbeitet 21.11.2024 04:22:28

An issue was discovered in Open Ticket Request System (OTRS) 7.0.x through 7.0.7, Community Edition 6.0.x through 6.0.19, and Community Edition 5.0.x through 5.0.36. An attacker could send a malicious email to an OTRS system. If a logged-in agent use...

5.3

CVE-2019-12497

  • EPSS 0.68%
  • Veröffentlicht 17.06.2019 17:15:11
  • Zuletzt bearbeitet 21.11.2024 04:22:58

An issue was discovered in Open Ticket Request System (OTRS) 7.0.x through 7.0.8, Community Edition 6.0.x through 6.0.19, and Community Edition 5.0.x through 5.0.36. In the customer or external frontend, personal information of agents (e.g., Name and...

4.3

CVE-2019-9753

  • EPSS 0.23%
  • Veröffentlicht 03.06.2019 19:29:03
  • Zuletzt bearbeitet 21.11.2024 04:52:14

An issue was discovered in Open Ticket Request System (OTRS) 7.x before 7.0.5. An attacker who is logged into OTRS as an agent or a customer user can use the search result screens to disclose information from invalid system entities. Following is the...

6.5

CVE-2019-9892

  • EPSS 0.46%
  • Veröffentlicht 22.05.2019 00:29:02
  • Zuletzt bearbeitet 21.11.2024 04:52:31

An issue was discovered in Open Ticket Request System (OTRS) 5.x through 5.0.34, 6.x through 6.0.17, and 7.x through 7.0.6. An attacker who is logged into OTRS as an agent user with appropriate permissions may try to import carefully crafted Report S...

5.4

CVE-2019-10066

  • EPSS 0.44%
  • Veröffentlicht 22.05.2019 00:29:00
  • Zuletzt bearbeitet 21.11.2024 04:18:19

An issue was discovered in Open Ticket Request System (OTRS) 7.x through 7.0.6, Community Edition 6.0.x through 6.0.17, and OTRSAppointmentCalendar 5.0.x through 5.0.12. An attacker who is logged into OTRS as an agent with appropriate permissions may...

5.4

CVE-2019-10067

  • EPSS 0.4%
  • Veröffentlicht 22.05.2019 00:29:00
  • Zuletzt bearbeitet 21.11.2024 04:18:19

An issue was discovered in Open Ticket Request System (OTRS) 7.x through 7.0.6 and Community Edition 5.0.x through 5.0.35 and 6.0.x through 6.0.17. An attacker who is logged into OTRS as an agent user with appropriate permissions may manipulate the U...

6.5

CVE-2018-20800

  • EPSS 0.23%
  • Veröffentlicht 13.03.2019 22:29:00
  • Zuletzt bearbeitet 21.11.2024 04:02:12

An issue was discovered in Open Ticket Request System (OTRS) 5.0.31 and 6.0.13. Users updating to 6.0.13 (also patchlevel updates) or 5.0.31 (only major updates) will experience data loss in their agent preferences table.