Otrs Open Ticket Request System

Do you want an email whenever new security vulnerabilities are reported in Otrs Open Ticket Request System?

By the Year

In 2024 there have been 0 vulnerabilities in Otrs Open Ticket Request System . Open Ticket Request System did not have any published security vulnerabilities last year.

Year	Vulnerabilities	Average Score
2024	0	0.00
2023	0	0.00
2022	0	0.00
2021	0	0.00
2020	0	0.00
2019	0	0.00
2018	6	5.95

It may take a day or so for new Open Ticket Request System vulnerabilities to show up in the stats or in the list of recent security vulnerabilties. Additionally vulnerabilities may be tagged under a different product or component name.

Recent Otrs Open Ticket Request System Security Vulnerabilities

Open Ticket Request System (OTRS) 4.0.x before 4.0.33 and 5.0.x before 5.0.31

CVE-2018-19141 4.8 - Medium - November 11, 2018

Open Ticket Request System (OTRS) 4.0.x before 4.0.33 and 5.0.x before 5.0.31 allows an admin to conduct an XSS attack via a modified URL because user and customer preferences are mishandled.

XSS

Open Ticket Request System (OTRS) 6.0.x before 6.0.13

CVE-2018-19142 4.8 - Medium - November 11, 2018

Open Ticket Request System (OTRS) 6.0.x before 6.0.13 allows an admin to conduct an XSS attack via a modified URL.

XSS

Open Ticket Request System (OTRS) 4.0.x before 4.0.33, 5.0.x before 5.0.31, and 6.0.x before 6.0.13

CVE-2018-19143 6.5 - Medium - November 11, 2018

Open Ticket Request System (OTRS) 4.0.x before 4.0.33, 5.0.x before 5.0.31, and 6.0.x before 6.0.13 allows an authenticated user to delete files via a modified submission form because upload caching is mishandled.

forced browsing

In Open Ticket Request System (OTRS) 4.0.x before 4.0.32

CVE-2018-16586 4.3 - Medium - September 28, 2018

In Open Ticket Request System (OTRS) 4.0.x before 4.0.32, 5.0.x before 5.0.30, and 6.0.x before 6.0.11, an attacker could send a malicious email to an OTRS system. If a logged in user opens it, the email could cause the browser to load external image or CSS resources.

In Open Ticket Request System (OTRS) 4.0.x before 4.0.32

CVE-2018-16587 6.5 - Medium - September 28, 2018

In Open Ticket Request System (OTRS) 4.0.x before 4.0.32, 5.0.x before 5.0.30, and 6.0.x before 6.0.11, an attacker could send a malicious email to an OTRS system. If a user with admin permissions opens it, it causes deletions of arbitrary files that the OTRS web server user has write access to.

Improper Input Validation

An issue was discovered in Open Ticket Request System (OTRS) 6.0.x through 6.0.9, 5.0.x through 5.0.28, and 4.0.x through 4.0.30

CVE-2018-14593 8.8 - High - August 04, 2018

An issue was discovered in Open Ticket Request System (OTRS) 6.0.x through 6.0.9, 5.0.x through 5.0.28, and 4.0.x through 4.0.30. An attacker who is logged into OTRS as an agent may escalate their privileges by accessing a specially crafted URL.

Stay on top of Security Vulnerabilities

Want an email whenever new vulnerabilities are published for Debian Linux or by Otrs? Click the Watch button to subscribe.

Otrs
Vendor

Otrs Open Ticket Request System
Product

Otrs Open Ticket Request System

By the Year

Recent Otrs Open Ticket Request System Security Vulnerabilities

Open Ticket Request System (OTRS) 4.0.x before 4.0.33 and 5.0.x before 5.0.31 CVE-2018-19141 4.8 - Medium - November 11, 2018

Open Ticket Request System (OTRS) 6.0.x before 6.0.13 CVE-2018-19142 4.8 - Medium - November 11, 2018

Open Ticket Request System (OTRS) 4.0.x before 4.0.33, 5.0.x before 5.0.31, and 6.0.x before 6.0.13 CVE-2018-19143 6.5 - Medium - November 11, 2018

In Open Ticket Request System (OTRS) 4.0.x before 4.0.32 CVE-2018-16586 4.3 - Medium - September 28, 2018

In Open Ticket Request System (OTRS) 4.0.x before 4.0.32 CVE-2018-16587 6.5 - Medium - September 28, 2018

An issue was discovered in Open Ticket Request System (OTRS) 6.0.x through 6.0.9, 5.0.x through 5.0.28, and 4.0.x through 4.0.30 CVE-2018-14593 8.8 - High - August 04, 2018