Skip to main content

Open Ticket Request System

6 CVEs product

Monthly

CVE-2018-19143 MEDIUM PATCH This Month

Open Ticket Request System (OTRS) 4.0.x before 4.0.33, 5.0.x before 5.0.31, and 6.0.x before 6.0.13 allows an authenticated user to delete files via a modified submission form because upload caching. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity.

Information Disclosure Open Ticket Request System Debian Linux
NVD
CVSS 3.0
6.5
EPSS
0.9%
CVE-2018-19142 MEDIUM This Month

Open Ticket Request System (OTRS) 6.0.x before 6.0.13 allows an admin to conduct an XSS attack via a modified URL. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Open Ticket Request System
NVD
CVSS 3.0
4.8
EPSS
0.5%
CVE-2018-19141 MEDIUM PATCH This Month

Open Ticket Request System (OTRS) 4.0.x before 4.0.33 and 5.0.x before 5.0.31 allows an admin to conduct an XSS attack via a modified URL because user and customer preferences are mishandled. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

XSS Open Ticket Request System Debian Linux
NVD
CVSS 3.0
4.8
EPSS
0.7%
CVE-2018-16587 MEDIUM PATCH This Month

In Open Ticket Request System (OTRS) 4.0.x before 4.0.32, 5.0.x before 5.0.30, and 6.0.x before 6.0.11, an attacker could send a malicious email to an OTRS system. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Information Disclosure Open Ticket Request System Debian Linux
NVD GitHub
CVSS 3.0
6.5
EPSS
1.8%
CVE-2018-16586 MEDIUM PATCH This Month

In Open Ticket Request System (OTRS) 4.0.x before 4.0.32, 5.0.x before 5.0.30, and 6.0.x before 6.0.11, an attacker could send a malicious email to an OTRS system. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Information Disclosure Open Ticket Request System Debian Linux
NVD GitHub
CVSS 3.0
4.3
EPSS
1.5%
CVE-2018-14593 HIGH This Week

An issue was discovered in Open Ticket Request System (OTRS) 6.0.x through 6.0.9, 5.0.x through 5.0.28, and 4.0.x through 4.0.30. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Privilege Escalation Open Ticket Request System Debian Linux
NVD
CVSS 3.0
8.8
EPSS
1.9%
EPSS 1% CVSS 6.5
MEDIUM PATCH This Month

Open Ticket Request System (OTRS) 4.0.x before 4.0.33, 5.0.x before 5.0.31, and 6.0.x before 6.0.13 allows an authenticated user to delete files via a modified submission form because upload caching. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity.

Information Disclosure Open Ticket Request System Debian Linux
NVD
EPSS 1% CVSS 4.8
MEDIUM This Month

Open Ticket Request System (OTRS) 6.0.x before 6.0.13 allows an admin to conduct an XSS attack via a modified URL. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Open Ticket Request System
NVD
EPSS 1% CVSS 4.8
MEDIUM PATCH This Month

Open Ticket Request System (OTRS) 4.0.x before 4.0.33 and 5.0.x before 5.0.31 allows an admin to conduct an XSS attack via a modified URL because user and customer preferences are mishandled. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

XSS Open Ticket Request System Debian Linux
NVD
EPSS 2% CVSS 6.5
MEDIUM PATCH This Month

In Open Ticket Request System (OTRS) 4.0.x before 4.0.32, 5.0.x before 5.0.30, and 6.0.x before 6.0.11, an attacker could send a malicious email to an OTRS system. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Information Disclosure Open Ticket Request System Debian Linux
NVD GitHub
EPSS 1% CVSS 4.3
MEDIUM PATCH This Month

In Open Ticket Request System (OTRS) 4.0.x before 4.0.32, 5.0.x before 5.0.30, and 6.0.x before 6.0.11, an attacker could send a malicious email to an OTRS system. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Information Disclosure Open Ticket Request System Debian Linux
NVD GitHub
EPSS 2% CVSS 8.8
HIGH This Week

An issue was discovered in Open Ticket Request System (OTRS) 6.0.x through 6.0.9, 5.0.x through 5.0.28, and 4.0.x through 4.0.30. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Privilege Escalation Open Ticket Request System Debian Linux
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy