• Skip to primary navigation
  • Skip to main content
CVE Vulnerability

CVE Vulnerability

  • CVE’s
  • Products
  • Vendors

Otrs

CVE-2008-7283

February 26, 2023 by

Open Ticket Request System (OTRS) before 2.2.6, when customer group support is enabled, allows remote authenticated users to bypass intended access restrictions and perform web-interface updates to tickets by leveraging queue read permissions.

CVE-2008-7282

February 26, 2023 by

Kernel/Output/HTML/CustomerNewTicketQueueSelectionGeneric.pm in Open Ticket Request System (OTRS) before 2.2.6, when the CustomerPanelOwnSelection and CustomerGroupSupport options are enabled, allows remote authenticated users to bypass intended access restrictions, and perform certain (1) list and (2) write operations on queues, via unspecified vectors.

CVE-2008-7281

February 26, 2023 by

Open Ticket Request System (OTRS) before 2.2.7 sends e-mail containing a Bcc header field that lists the Blind Carbon Copy recipients, which allows remote attackers to obtain potentially sensitive e-mail address information by reading this field.

CVE-2008-7280

February 26, 2023 by

Kernel/System/EmailParser.pm in PostmasterPOP3.pl in Open Ticket Request System (OTRS) before 2.2.7 does not properly handle e-mail messages containing malformed UTF-8 characters, which allows remote attackers to cause a denial of service (e-mail retrieval outage) via a crafted message.

CVE-2008-7279

February 26, 2023 by

The CustomerInterface component in Open Ticket Request System (OTRS) before 2.2.8 allows remote authenticated users to bypass intended access restrictions and access tickets of arbitrary customers via unspecified vectors.

CVE-2018-19143

February 26, 2023 by

Open Ticket Request System (OTRS) 4.0.x before 4.0.33, 5.0.x before 5.0.31, and 6.0.x before 6.0.13 allows an authenticated user to delete files via a modified submission form because upload caching is mishandled.

  • Go to page 1
  • Go to page 2
  • Go to page 3
  • Go to page 4
  • Go to Next Page »

Copyright CVE Vulnerabilities 2023
Data Sources:

  • NIST
  • MITRE
  • CVE Search
  • Open CVE