Otrs Open Ticket Request System
By the Year
In 2024 there have been 0 vulnerabilities in Otrs Open Ticket Request System . Open Ticket Request System did not have any published security vulnerabilities last year.
Year | Vulnerabilities | Average Score |
---|---|---|
2024 | 0 | 0.00 |
2023 | 0 | 0.00 |
2022 | 0 | 0.00 |
2021 | 0 | 0.00 |
2020 | 0 | 0.00 |
2019 | 0 | 0.00 |
2018 | 6 | 5.95 |
It may take a day or so for new Open Ticket Request System vulnerabilities to show up in the stats or in the list of recent security vulnerabilties. Additionally vulnerabilities may be tagged under a different product or component name.
Recent Otrs Open Ticket Request System Security Vulnerabilities
Open Ticket Request System (OTRS) 4.0.x before 4.0.33 and 5.0.x before 5.0.31
CVE-2018-19141
4.8 - Medium
- November 11, 2018
Open Ticket Request System (OTRS) 4.0.x before 4.0.33 and 5.0.x before 5.0.31 allows an admin to conduct an XSS attack via a modified URL because user and customer preferences are mishandled.
XSS
Open Ticket Request System (OTRS) 6.0.x before 6.0.13
CVE-2018-19142
4.8 - Medium
- November 11, 2018
Open Ticket Request System (OTRS) 6.0.x before 6.0.13 allows an admin to conduct an XSS attack via a modified URL.
XSS
Open Ticket Request System (OTRS) 4.0.x before 4.0.33, 5.0.x before 5.0.31, and 6.0.x before 6.0.13
CVE-2018-19143
6.5 - Medium
- November 11, 2018
Open Ticket Request System (OTRS) 4.0.x before 4.0.33, 5.0.x before 5.0.31, and 6.0.x before 6.0.13 allows an authenticated user to delete files via a modified submission form because upload caching is mishandled.
forced browsing
In Open Ticket Request System (OTRS) 4.0.x before 4.0.32
CVE-2018-16586
4.3 - Medium
- September 28, 2018
In Open Ticket Request System (OTRS) 4.0.x before 4.0.32, 5.0.x before 5.0.30, and 6.0.x before 6.0.11, an attacker could send a malicious email to an OTRS system. If a logged in user opens it, the email could cause the browser to load external image or CSS resources.
In Open Ticket Request System (OTRS) 4.0.x before 4.0.32
CVE-2018-16587
6.5 - Medium
- September 28, 2018
In Open Ticket Request System (OTRS) 4.0.x before 4.0.32, 5.0.x before 5.0.30, and 6.0.x before 6.0.11, an attacker could send a malicious email to an OTRS system. If a user with admin permissions opens it, it causes deletions of arbitrary files that the OTRS web server user has write access to.
Improper Input Validation
An issue was discovered in Open Ticket Request System (OTRS) 6.0.x through 6.0.9, 5.0.x through 5.0.28, and 4.0.x through 4.0.30
CVE-2018-14593
8.8 - High
- August 04, 2018
An issue was discovered in Open Ticket Request System (OTRS) 6.0.x through 6.0.9, 5.0.x through 5.0.28, and 4.0.x through 4.0.30. An attacker who is logged into OTRS as an agent may escalate their privileges by accessing a specially crafted URL.
Stay on top of Security Vulnerabilities
Want an email whenever new vulnerabilities are published for Debian Linux or by Otrs? Click the Watch button to subscribe.