Skip to main content

Otrs

91 CVEs product

Monthly

CVE-2026-48187 MEDIUM This Month

Uncontrolled resource allocation in OTRS's e-mail handling subsystem allows a low-privileged authenticated user to trigger unbounded memory or resource consumption, ultimately aborting the webserver and causing a denial of service against the entire OTRS interface. Affected versions span OTRS 8.0.X through 2026.X prior to 2026.4.X, and the ((OTRS)) Community Edition 6.x and OTRS 7.x branches are noted by the vendor as very likely affected as well. No public exploit has been identified at time of analysis, and this vulnerability is not listed in the CISA KEV catalog.

Denial Of Service Otrs Otrs Community Edition
NVD
CVSS 3.1
5.7
EPSS
0.0%
CVE-2026-48188 CRITICAL Act Now

Unauthenticated SQL injection in OTRS and the legacy ((OTRS)) Community Edition database layer enables authentication bypass when the backing MySQL/MariaDB instance runs with the NO_BACKSLASH_ESCAPES SQL mode. The flaw carries a CVSS of 9.1 with network-reachable, no-privileges-required exploitation against confidentiality and integrity, but no public exploit identified at time of analysis and the issue is gated by a specific non-default database configuration.

SQLi Authentication Bypass Otrs Otrs Community Edition
NVD
CVSS 3.1
9.1
EPSS
0.1%
CVE-2026-48189 MEDIUM This Month

Improper input validation in the OTRS Customer Backend module allows authenticated low-privilege users to bypass group-based access controls and read customer records restricted to other groups. Affected versions span every major OTRS release line (7.0.X through 2026.X before 2026.4.X), though exploitation is gated by a non-default configuration requirement. No public exploit identified at time of analysis and this vulnerability is not listed in the CISA KEV catalog.

Information Disclosure Otrs
NVD
CVSS 3.1
5.7
EPSS
0.0%
CVE-2026-48190 LOW Monitor

Incorrect permission enforcement in OTRS External Interface and ConfigItem List module allows an authenticated customer to query Configuration Item (CI) data beyond their authorized group scope. The flaw is conditional - both the CMDB module and CustomerGroupSupport must be active simultaneously, substantially narrowing the affected population. Rated CVSS 3.5 (Low) with no confirmed active exploitation and no public exploit code identified at time of analysis, this is a scoped information disclosure risk primarily threatening organizations that expose CMDB asset data through the customer portal.

Privilege Escalation Otrs
NVD
CVSS 3.1
3.5
EPSS
0.0%
CVE-2026-48191 LOW Monitor

Information disclosure in OTRS Document Search Article Meta Filters modules (present in both STORM-powered OTRS and standalone OTRS 2026.x) permits authenticated low-privileged users to enumerate metadata - specifically the count of Configuration Items (CIs), SLAs, and services - for objects they are not authorized to access. Affected versions span OTRS with STORM modules 7.0.X through 2026.X before 2026.4.X, making this a broad version-range exposure with a low CVSS score of 3.5. No public exploit identified at time of analysis and the vulnerability has not been added to the CISA KEV catalog.

Privilege Escalation Otrs
NVD
CVSS 3.1
3.5
EPSS
0.0%
CVE-2026-48208 MEDIUM This Month

SVG content injection in OTRS ticket article rendering enables unauthenticated remote attackers to deliver browser-side denial of service against agents and customers who open affected tickets. Specially crafted SVG payloads submitted via inbound email trigger uncontrolled resource exhaustion during rendering, without requiring JavaScript execution, and the attack vector is not blocked by the application's configured Content Security Policy - making CSP-based mitigations ineffective. No public exploit code or active exploitation has been identified at time of analysis, but the low-complexity, no-authentication-required delivery mechanism (via email) lowers the barrier to abuse significantly.

Denial Of Service Otrs Otrs Community Edition
NVD
CVSS 3.1
6.5
EPSS
0.0%
CVE-2026-48209 HIGH This Week

Reflected cross-site scripting in OTRS 7.0.x and ((OTRS)) Community Edition 6.x and earlier allows remote attackers to execute arbitrary JavaScript in an authenticated agent's browser session by tricking the agent into clicking a crafted ticket-action URL. The CVSS 7.1 (UI:R) rating reflects the need for victim interaction, and no public exploit identified at time of analysis, but the high integrity impact and the ubiquity of OTRS-derived help-desk forks make this a meaningful risk for ticketing environments.

XSS Otrs Otrs Community Edition
NVD
CVSS 3.1
7.1
EPSS
0.0%
CVE-2026-48210 MEDIUM This Month

Unintended internal ticket data exposure in OTRS 2026.3.1 occurs because the ticket article forwarding feature enforces the 'Is visible for customer' flag by default and provides no UI control to override it. Authenticated agents who forward ticket articles will inadvertently expose internal communications or notes to customers through the External Frontend without any warning or opt-out. No public exploit code exists and this is not listed in CISA KEV, but the high confidentiality impact (C:H in CVSS) makes this a meaningful data-leak risk for organizations handling sensitive support workflows.

Information Disclosure Otrs
NVD
CVSS 3.1
5.7
EPSS
0.0%
CVE-2024-6540 MEDIUM This Month

Improper filtering of fields when using the export function in the ticket overview of the external interface in OTRS could allow an authorized user to download a list of tickets containing. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable. No vendor patch available.

Information Disclosure Otrs
NVD
CVSS 3.1
5.3
EPSS
0.4%
CVE-2024-23794 HIGH This Week

An incorrect privilege assignment vulnerability in the inline editing functionality of OTRS can lead to privilege escalation. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable. No vendor patch available.

Privilege Escalation Otrs
NVD
CVSS 3.1
7.5
EPSS
0.3%
CVE-2024-23792 MEDIUM This Month

When adding attachments to ticket comments, another user can add attachments as well impersonating the orginal user. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Otrs
NVD
CVSS 3.1
6.5
EPSS
0.3%
CVE-2024-23791 HIGH This Week

Insertion of debug information into log file during building the elastic search index allows reading of sensitive information from articles.0.X through 7.0.48, from 8.0.X through 8.0.37, from 2023.X. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Elastic Information Disclosure Otrs
NVD
CVSS 3.1
7.5
EPSS
0.5%
CVE-2024-23790 CRITICAL Act Now

Improper Input Validation vulnerability in the upload functionality for user avatars allows functionality misuse due to missing check of filetypes.0.X through 7.0.48, from 8.0.X through 8.0.37, from. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Otrs
NVD
CVSS 3.1
9.8
EPSS
0.3%
CVE-2023-6254 HIGH This Week

A Vulnerability in OTRS AgentInterface and ExternalInterface allows the reading of plain text passwords which are send back to the client in the server response-0.X through 8.0.37. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Otrs
NVD
CVSS 3.1
7.5
EPSS
0.6%
CVE-2023-5422 CRITICAL Act Now

The functions to fetch e-mail via POP3 or IMAP as well as sending e-mail via SMTP use OpenSSL for static SSL or TLS based communication. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

OpenSSL Information Disclosure Otrs
NVD
CVSS 3.1
9.1
EPSS
0.3%
CVE-2023-5421 MEDIUM This Month

An attacker who is logged into OTRS as an user with privileges to create and change customer user data may manipulate the CustomerID field to execute JavaScript code that runs immediatly after the. Rated medium severity (CVSS 5.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Otrs
NVD
CVSS 3.1
5.5
EPSS
0.4%
CVE-2023-38059 MEDIUM This Month

The loading of external images is not blocked, even if configured, if the attacker uses protocol-relative URL in the payload. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Otrs
NVD
CVSS 3.1
5.3
EPSS
0.5%
CVE-2023-38060 HIGH This Week

Improper Input Validation vulnerability in the ContentType parameter for attachments on TicketCreate or TicketUpdate operations of the OTRS Generic Interface modules allows any authenticated attacker. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Code Injection Otrs
NVD
CVSS 3.1
8.8
EPSS
0.6%
CVE-2023-38058 MEDIUM This Month

An improper privilege check in the OTRS ticket move action in the agent interface allows any as agent authenticated attacker to to perform a move of an ticket without the needed permission.0.X before. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Privilege Escalation Otrs
NVD
CVSS 3.1
4.3
EPSS
0.3%
CVE-2023-38056 HIGH This Week

Improper Neutralization of commands allowed to be executed via OTRS System Configuration e.g. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Command Injection Otrs
NVD
CVSS 3.1
7.2
EPSS
0.8%
CVE-2023-2534 HIGH This Week

Improper Authorization vulnerability in OTRS AG OTRS 8 (Websocket API backend) allows any as Agent authenticated attacker to track user behaviour and to gain live insight into overall system usage. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Authentication Bypass Otrs
NVD
CVSS 3.1
8.1
EPSS
0.5%
CVE-2023-1250 HIGH This Week

Improper Input Validation vulnerability in OTRS AG OTRS (ACL modules), OTRS AG ((OTRS)) Community Edition (ACL modules) allows Local Execution of Code. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Code Injection Otrs
NVD
CVSS 3.1
7.8
EPSS
0.3%
CVE-2023-1248 MEDIUM This Month

Improper Input Validation vulnerability in OTRS AG OTRS (Ticket Actions modules), OTRS AG ((OTRS)) Community Edition (Ticket Actions modules) allows Cross-Site Scripting (XSS).0.X before 7.0.42;. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Otrs
NVD
CVSS 3.1
6.1
EPSS
0.4%
CVE-2022-4427 CRITICAL Act Now

Improper Input Validation vulnerability in OTRS AG OTRS, OTRS AG ((OTRS)) Community Edition allows SQL Injection via TicketSearch Webservice0.1 before 7.0.40 Patch 1, from 8.0.1 before 8.0.28 Patch. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

SQLi Otrs
NVD
CVSS 3.1
9.8
EPSS
0.7%
CVE-2022-3501 HIGH This Week

Article template contents with sensitive data could be accessed from agents without permissions. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Otrs
NVD
CVSS 3.1
7.5
EPSS
0.4%
CVE-2022-39052 MEDIUM This Month

An external attacker is able to send a specially crafted email (with many recipients) and trigger a potential DoS of the system. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Otrs
NVD
CVSS 3.1
6.5
EPSS
0.6%
CVE-2022-39051 HIGH This Week

Attacker might be able to execute malicious Perl code in the Template toolkit, by having the admin installing an unverified 3th party package. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Otrs
NVD
CVSS 3.1
8.8
EPSS
0.7%
CVE-2022-39050 MEDIUM This Month

An attacker who is logged into OTRS as an admin user may manipulate customer URL field to store JavaScript code to be run later by any other agent when clicking the customer URL link. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Otrs
NVD
CVSS 3.1
4.8
EPSS
0.5%
CVE-2022-39049 MEDIUM This Month

An attacker who is logged into OTRS as an admin user may manipulate the URL to cause execution of JavaScript in the context of OTRS. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Otrs
NVD
CVSS 3.1
4.8
EPSS
0.5%
CVE-2022-32741 MEDIUM This Month

Attacker is able to determine if the provided username exists (and it's valid) using Request New Password feature, based on the response time. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Otrs
NVD
CVSS 3.1
5.3
EPSS
0.8%
CVE-2022-32740 MEDIUM This Month

A reply to a forwarded email article by a 3rd party could unintensionally expose the email content to the ticket customer under certain circumstances. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Otrs
NVD
CVSS 3.1
5.3
EPSS
0.7%
CVE-2022-32739 MEDIUM This Month

When Secure::DisableBanner system configuration has been disabled and agent shares his calendar via public URL, received ICS file contains OTRS release number. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Calendar Resource Planning Otrs
NVD
CVSS 3.1
5.3
EPSS
0.7%
CVE-2022-1004 MEDIUM This Month

Accounted time is shown in the Ticket Detail View (External Interface), even if ExternalFrontend::TicketDetailView###AccountedTimeDisplay is disabled. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Otrs
NVD
CVSS 3.1
4.3
EPSS
0.6%
CVE-2022-0475 MEDIUM This Month

Malicious translator is able to inject JavaScript code in few translatable strings (where HTML is allowed). Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Otrs
NVD
CVSS 3.1
5.4
EPSS
0.4%
CVE-2021-36097 MEDIUM This Month

Agents are able to lock the ticket without the "Owner" permission. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Otrs
NVD
CVSS 3.1
4.3
EPSS
0.5%
CVE-2021-36096 MEDIUM This Month

Generated Support Bundles contains private S/MIME and PGP keys if containing folder is not hidden. Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Otrs
NVD
CVSS 3.1
4.9
EPSS
0.4%
CVE-2021-36095 MEDIUM This Month

Malicious attacker is able to find out valid user logins by using the "lost password" feature. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Otrs
NVD
CVSS 3.1
5.3
EPSS
0.9%
CVE-2021-36094 MEDIUM This Month

It's possible to craft a request for appointment edit screen, which could lead to the XSS attack. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Otrs
NVD
CVSS 3.1
5.4
EPSS
0.6%
CVE-2021-36093 MEDIUM This Month

It's possible to create an email which can be stuck while being processed by PostMaster filters, causing DoS. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Otrs
NVD
CVSS 3.1
5.3
EPSS
1.1%
CVE-2021-36092 MEDIUM This Month

It's possible to create an email which contains specially crafted link and it can be used to perform XSS attack. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Otrs
NVD
CVSS 3.1
6.1
EPSS
0.7%
CVE-2021-36091 MEDIUM This Month

Agents are able to list appointments in the calendars without required permissions. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Otrs
NVD
CVSS 3.1
4.3
EPSS
0.7%
CVE-2021-21443 MEDIUM This Month

Agents are able to list customer user emails without required permissions in the bulk action screen. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Otrs
NVD
CVSS 3.1
4.3
EPSS
0.9%
CVE-2021-21440 MEDIUM This Month

Generated Support Bundles contains private S/MIME and PGP keys if containing folder is not hidden. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Otrs
NVD
CVSS 3.1
6.5
EPSS
0.8%
CVE-2021-21441 HIGH This Week

There is a XSS vulnerability in the ticket overview screens. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Otrs
NVD
CVSS 3.1
7.5
EPSS
1.2%
CVE-2021-21439 MEDIUM This Month

DoS attack can be performed when an email contains specially designed URL in the body. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Otrs
NVD
CVSS 3.1
6.5
EPSS
1.0%
CVE-2021-21438 MEDIUM This Month

Agents are able to see linked FAQ articles without permissions (defined in FAQ Category). Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Privilege Escalation Faq Otrs
NVD
CVSS 3.1
4.3
EPSS
0.6%
CVE-2021-21435 MEDIUM This Month

Article Bcc fields and agent personal information are shown when customer prints the ticket (PDF) via external interface. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Otrs
NVD
CVSS 3.1
6.5
EPSS
1.3%
CVE-2020-1778 MEDIUM This Month

When OTRS uses multiple backends for user authentication (with LDAP), agents are able to login even if the account is set to invalid.0.9 and prior versions. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Otrs
NVD
CVSS 3.1
4.3
EPSS
0.6%
CVE-2020-1777 MEDIUM This Month

Agent names that participates in a chat conversation are revealed in certain parts of the external interface as well as in chat transcriptions inside the tickets, when system is configured to mask. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Otrs
NVD
CVSS 3.1
5.3
EPSS
0.8%
CVE-2020-1776 MEDIUM PATCH This Month

When an agent user is renamed or set to invalid the session belonging to the user is keept active. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity.

Information Disclosure Otrs
NVD
CVSS 3.1
4.3
EPSS
0.9%
CVE-2020-1775 MEDIUM This Month

BCC recipients in mails sent from OTRS are visible in article detail on external interface.0.3 and prior versions, 7.0.17 and prior versions. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Otrs
NVD
CVSS 3.1
4.3
EPSS
0.8%
CVE-2020-1774 MEDIUM This Month

When user downloads PGP or S/MIME keys/certificates, exported file has same name for private and public keys. Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Otrs Debian Linux
NVD
CVSS 3.1
4.9
EPSS
0.9%
CVE-2020-1773 HIGH This Week

An attacker with the ability to generate session IDs or password reset tokens, either by being able to authenticate or by exploiting OSA-2020-09, may be able to predict other users session IDs,. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Otrs
NVD
CVSS 3.1
8.1
EPSS
1.5%
CVE-2020-1772 HIGH PATCH This Week

It's possible to craft Lost Password requests with wildcards in the Token value, which allows attacker to retrieve valid Token(s), generated by users which already requested new passwords. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Information Disclosure Otrs Backports Sle Leap Debian Linux
NVD
CVSS 3.1
7.5
EPSS
1.6%
CVE-2020-1771 MEDIUM This Month

Attacker is able craft an article with a link to the customer address book with malicious content (JavaScript). Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Otrs
NVD
CVSS 3.1
5.4
EPSS
0.8%
CVE-2020-1770 MEDIUM This Month

Support bundle generated files could contain sensitive information that might be unwanted to be disclosed. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Otrs Backports Sle Leap Debian Linux
NVD
CVSS 3.1
4.3
EPSS
1.3%
CVE-2020-1769 MEDIUM This Month

In the login screens (in agent and customer interface), Username and Password fields use autocomplete, which might be considered as security issue. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Otrs Backports Sle Leap
NVD
CVSS 3.1
4.3
EPSS
1.3%
CVE-2020-1768 MEDIUM This Month

The external frontend system uses numerous background calls to the backend. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Otrs
NVD
CVSS 3.1
5.4
EPSS
0.7%
CVE-2020-1767 MEDIUM This Month

Agent A is able to save a draft (i.e. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Otrs Debian Linux
NVD
CVSS 3.1
4.3
EPSS
1.2%
CVE-2020-1766 MEDIUM PATCH This Month

Due to improper handling of uploaded images it is possible in very unlikely and rare conditions to force the agents browser to execute malicious javascript from a special crafted SVG file rendered as. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

XSS Otrs Debian Linux
NVD
CVSS 3.1
6.1
EPSS
1.3%
CVE-2020-1765 MEDIUM PATCH This Month

An improper control of parameters allows the spoofing of the from fields of the following screens: AgentTicketCompose, AgentTicketForward, AgentTicketBounce and AgentTicketEmailOutbound. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Information Disclosure Otrs Debian Linux Backports Sle Leap
NVD
CVSS 3.1
5.3
EPSS
1.5%
CVE-2019-18180 HIGH PATCH This Week

Improper Check for filenames with overly long extensions in PostMaster (sending in email) or uploading files (e.g. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Denial Of Service Otrs
NVD
CVSS 3.1
7.5
EPSS
1.9%
CVE-2019-13458 MEDIUM PATCH This Month

An issue was discovered in Open Ticket Request System (OTRS) 7.0.x through 7.0.8, and Community Edition 5.0.x through 5.0.36 and 6.0.x through 6.0.19. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity.

Information Disclosure Otrs Debian Linux
NVD
CVSS 3.1
6.5
EPSS
1.7%
CVE-2019-12746 MEDIUM PATCH This Month

An issue was discovered in Open Ticket Request System (OTRS) Community Edition 5.0.x through 5.0.36 and 6.0.x through 6.0.19. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

Information Disclosure Otrs Debian Linux
NVD
CVSS 3.1
6.5
EPSS
2.0%
CVE-2019-12248 MEDIUM This Month

An issue was discovered in Open Ticket Request System (OTRS) 7.0.x through 7.0.7, Community Edition 6.0.x through 6.0.19, and Community Edition 5.0.x through 5.0.36. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Otrs Debian Linux
NVD
CVSS 3.1
4.3
EPSS
1.8%
CVE-2019-12497 MEDIUM This Month

An issue was discovered in Open Ticket Request System (OTRS) 7.0.x through 7.0.8, Community Edition 6.0.x through 6.0.19, and Community Edition 5.0.x through 5.0.36. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Otrs Debian Linux
NVD
CVSS 3.1
5.3
EPSS
2.0%
CVE-2019-9753 MEDIUM PATCH This Month

An issue was discovered in Open Ticket Request System (OTRS) 7.x before 7.0.5. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

Information Disclosure Otrs
NVD
CVSS 3.0
4.3
EPSS
0.9%
CVE-2019-9892 MEDIUM This Month

An issue was discovered in Open Ticket Request System (OTRS) 5.x through 5.0.34, 6.x through 6.0.17, and 7.x through 7.0.6. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Otrs Debian Linux
NVD
CVSS 3.1
6.5
EPSS
1.1%
CVE-2019-10067 MEDIUM PATCH This Month

An issue was discovered in Open Ticket Request System (OTRS) 7.x through 7.0.6 and Community Edition 5.0.x through 5.0.35 and 6.0.x through 6.0.17. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

XSS Otrs
NVD
CVSS 3.1
5.4
EPSS
1.2%
CVE-2019-10066 MEDIUM PATCH This Month

An issue was discovered in Open Ticket Request System (OTRS) 7.x through 7.0.6, Community Edition 6.0.x through 6.0.17, and OTRSAppointmentCalendar 5.0.x through 5.0.12. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

XSS Otrs
NVD
CVSS 3.0
5.4
EPSS
0.8%
CVE-2019-9752 MEDIUM PATCH This Month

An issue was discovered in Open Ticket Request System (OTRS) 5.x before 5.0.34, 6.x before 6.0.16, and 7.x before 7.0.4. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

XSS Otrs Backports Sle Leap
NVD
CVSS 3.1
5.4
EPSS
1.1%
CVE-2019-9751 MEDIUM PATCH This Month

An issue was discovered in Open Ticket Request System (OTRS) 6.x before 6.0.17 and 7.x before 7.0.5. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

XSS Otrs
NVD
CVSS 3.0
4.8
EPSS
0.8%
CVE-2018-10198 MEDIUM PATCH This Month

An issue was discovered in OTRS 6.0.x before 6.0.7. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

Information Disclosure Otrs
NVD
CVSS 3.0
4.3
EPSS
1.0%
CVE-2018-7567 HIGH POC This Week

In the Admin Package Manager in Open Ticket Request System (OTRS) 5.0.0 through 5.0.24 and 6.0.0 through 6.0.1, authenticated admins are able to exploit a Blind Remote Code Execution vulnerability by. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

File Upload RCE Otrs
NVD
CVSS 3.0
7.2
EPSS
5.3%
CVE-2017-17476 HIGH PATCH This Week

Open Ticket Request System (OTRS) 4.0.x before 4.0.28, 5.0.x before 5.0.26, and 6.0.x before 6.0.3, when cookie support is disabled, might allow remote attackers to hijack web sessions and. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

Information Disclosure Otrs Debian Linux
NVD GitHub
CVSS 3.0
8.8
EPSS
0.9%
CVE-2017-16854 MEDIUM This Month

In Open Ticket Request System (OTRS) through 3.3.20, 4 through 4.0.26, 5 through 5.0.24, and 6 through 6.0.1, an attacker who is logged in as a customer can use the ticket search form to disclose. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Otrs Debian Linux
NVD
CVSS 3.0
6.5
EPSS
0.4%
CVE-2017-16921 HIGH POC PATCH THREAT Act Now

In OTRS 6.0.x up to and including 6.0.1, OTRS 5.0.x up to and including 5.0.24, and OTRS 4.0.x up to and including 4.0.26, an attacker who is logged into OTRS as an agent can manipulate form. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and EPSS exploitation probability 33.9%.

Command Injection Otrs Debian Linux
NVD Exploit-DB
CVSS 3.0
8.8
EPSS
33.9%
Threat
4.3
CVE-2017-16664 HIGH PATCH This Week

Code injection exists in Kernel/System/Spelling.pm in Open Ticket Request System (OTRS) 5 before 5.0.24, 4 before 4.0.26, and 3.3 before 3.3.20. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity.

RCE Code Injection Otrs Debian Linux
NVD
CVSS 3.0
8.8
EPSS
1.2%
CVE-2017-15864 HIGH This Week

In the Agent Frontend in Open Ticket Request System (OTRS) 3.3.x through 3.3.18, with a crafted URL it is possible to gain information like database user and password. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Otrs Debian Linux
NVD
CVSS 3.0
8.8
EPSS
0.5%
CVE-2017-14635 HIGH This Week

In Open Ticket Request System (OTRS) 3.3.x before 3.3.18, 4.x before 4.0.25, and 5.x before 5.0.23, remote authenticated users can leverage statistics-write permissions to gain privileges via code. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Code Injection Otrs
NVD
CVSS 3.0
8.8
EPSS
0.7%
CVE-2017-9324 HIGH This Week

In Open Ticket Request System (OTRS) 3.3.x through 3.3.16, 4.x through 4.0.23, and 5.x through 5.0.19, an attacker with agent permission is capable of opening a specific URL in a browser to gain. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Privilege Escalation Otrs Debian Linux
NVD
CVSS 3.0
8.8
EPSS
1.4%
CVE-2017-9299 MEDIUM POC This Month

Open Ticket Request System (OTRS) 3.3.9 has XSS in index.pl?Action=AgentStats requests, as demonstrated by OrderBy=[XSS] and Direction=[XSS] attacks. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

XSS Otrs
NVD
CVSS 3.0
6.1
EPSS
0.3%
CVE-2016-9139 MEDIUM This Month

Cross-site scripting (XSS) vulnerability in Open Ticket Request System (OTRS) 3.3.x before 3.3.16, 4.0.x before 4.0.19, and 5.0.x before 5.0.14 allows remote attackers to inject arbitrary web script. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Otrs
NVD
CVSS 3.0
6.1
EPSS
0.2%
CVE-2014-2554 MEDIUM This Month

OTRS 3.1.x before 3.1.21, 3.2.x before 3.2.16, and 3.3.x before 3.3.6 allows remote attackers to conduct clickjacking attacks via an IFRAME element. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

Information Disclosure Opensuse Otrs
NVD VulDB
CVSS 2.0
4.3
EPSS
0.2%
CVE-2014-2553 LOW Monitor

Cross-site scripting (XSS) vulnerability in Open Ticket Request System (OTRS) 3.1.x before 3.1.21, 3.2.x before 3.2.16, and 3.3.x before 3.3.6 allows remote authenticated users to inject arbitrary. Rated low severity (CVSS 3.5), this vulnerability is remotely exploitable. No vendor patch available.

XSS Otrs
NVD VulDB
CVSS 2.0
3.5
EPSS
0.2%
CVE-2014-1695 MEDIUM POC This Month

Cross-site scripting (XSS) vulnerability in Open Ticket Request System (OTRS) 3.1.x before 3.1.20, 3.2.x before 3.2.15, and 3.3.x before 3.3.5 allows remote attackers to inject arbitrary web script. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. Public exploit code available and no vendor patch available.

XSS Otrs
NVD Exploit-DB
CVSS 2.0
4.3
EPSS
3.6%
CVE-2014-1694 MEDIUM POC PATCH This Month

Multiple cross-site request forgery (CSRF) vulnerabilities in (1) CustomerPreferences.pm, (2) CustomerTicketMessage.pm, (3) CustomerTicketProcess.pm, and (4) CustomerTicketZoom.pm in Kernel/Modules/. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable. Public exploit code available.

CSRF Otrs
NVD GitHub
CVSS 2.0
6.8
EPSS
0.6%
CVE-2014-1471 HIGH PATCH This Week

SQL injection vulnerability in the StateGetStatesByType function in Kernel/System/State.pm in Open Ticket Request System (OTRS) 3.1.x before 3.1.19, 3.2.x before 3.2.14, and 3.3.x before 3.3.4 allows. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity.

SQLi Otrs
NVD GitHub
CVSS 2.0
7.5
EPSS
1.6%
CVE-2012-4751 MEDIUM POC This Month

Cross-site scripting (XSS) vulnerability in Open Ticket Request System (OTRS) Help Desk 2.4.x before 2.4.15, 3.0.x before 3.0.17, and 3.1.x before 3.1.11 allows remote attackers to inject arbitrary. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. Public exploit code available and no vendor patch available.

XSS Otrs
NVD Exploit-DB
CVSS 2.0
4.3
EPSS
5.6%
CVE-2012-4600 LOW POC Monitor

Cross-site scripting (XSS) vulnerability in Open Ticket Request System (OTRS) Help Desk 2.4.x before 2.4.14, 3.0.x before 3.0.16, and 3.1.x before 3.1.10, when Firefox or Opera is used, allows remote. Rated low severity (CVSS 2.6), this vulnerability is remotely exploitable. Public exploit code available and no vendor patch available.

Mozilla XSS Otrs Otrs Itsm
NVD Exploit-DB
CVSS 2.0
2.6
EPSS
6.9%
EPSS 0% CVSS 5.7
MEDIUM This Month

Uncontrolled resource allocation in OTRS's e-mail handling subsystem allows a low-privileged authenticated user to trigger unbounded memory or resource consumption, ultimately aborting the webserver and causing a denial of service against the entire OTRS interface. Affected versions span OTRS 8.0.X through 2026.X prior to 2026.4.X, and the ((OTRS)) Community Edition 6.x and OTRS 7.x branches are noted by the vendor as very likely affected as well. No public exploit has been identified at time of analysis, and this vulnerability is not listed in the CISA KEV catalog.

Denial Of Service Otrs Otrs Community Edition
NVD
EPSS 0% CVSS 9.1
CRITICAL Act Now

Unauthenticated SQL injection in OTRS and the legacy ((OTRS)) Community Edition database layer enables authentication bypass when the backing MySQL/MariaDB instance runs with the NO_BACKSLASH_ESCAPES SQL mode. The flaw carries a CVSS of 9.1 with network-reachable, no-privileges-required exploitation against confidentiality and integrity, but no public exploit identified at time of analysis and the issue is gated by a specific non-default database configuration.

SQLi Authentication Bypass Otrs +1
NVD
EPSS 0% CVSS 5.7
MEDIUM This Month

Improper input validation in the OTRS Customer Backend module allows authenticated low-privilege users to bypass group-based access controls and read customer records restricted to other groups. Affected versions span every major OTRS release line (7.0.X through 2026.X before 2026.4.X), though exploitation is gated by a non-default configuration requirement. No public exploit identified at time of analysis and this vulnerability is not listed in the CISA KEV catalog.

Information Disclosure Otrs
NVD
EPSS 0% CVSS 3.5
LOW Monitor

Incorrect permission enforcement in OTRS External Interface and ConfigItem List module allows an authenticated customer to query Configuration Item (CI) data beyond their authorized group scope. The flaw is conditional - both the CMDB module and CustomerGroupSupport must be active simultaneously, substantially narrowing the affected population. Rated CVSS 3.5 (Low) with no confirmed active exploitation and no public exploit code identified at time of analysis, this is a scoped information disclosure risk primarily threatening organizations that expose CMDB asset data through the customer portal.

Privilege Escalation Otrs
NVD
EPSS 0% CVSS 3.5
LOW Monitor

Information disclosure in OTRS Document Search Article Meta Filters modules (present in both STORM-powered OTRS and standalone OTRS 2026.x) permits authenticated low-privileged users to enumerate metadata - specifically the count of Configuration Items (CIs), SLAs, and services - for objects they are not authorized to access. Affected versions span OTRS with STORM modules 7.0.X through 2026.X before 2026.4.X, making this a broad version-range exposure with a low CVSS score of 3.5. No public exploit identified at time of analysis and the vulnerability has not been added to the CISA KEV catalog.

Privilege Escalation Otrs
NVD
EPSS 0% CVSS 6.5
MEDIUM This Month

SVG content injection in OTRS ticket article rendering enables unauthenticated remote attackers to deliver browser-side denial of service against agents and customers who open affected tickets. Specially crafted SVG payloads submitted via inbound email trigger uncontrolled resource exhaustion during rendering, without requiring JavaScript execution, and the attack vector is not blocked by the application's configured Content Security Policy - making CSP-based mitigations ineffective. No public exploit code or active exploitation has been identified at time of analysis, but the low-complexity, no-authentication-required delivery mechanism (via email) lowers the barrier to abuse significantly.

Denial Of Service Otrs Otrs Community Edition
NVD
EPSS 0% CVSS 7.1
HIGH This Week

Reflected cross-site scripting in OTRS 7.0.x and ((OTRS)) Community Edition 6.x and earlier allows remote attackers to execute arbitrary JavaScript in an authenticated agent's browser session by tricking the agent into clicking a crafted ticket-action URL. The CVSS 7.1 (UI:R) rating reflects the need for victim interaction, and no public exploit identified at time of analysis, but the high integrity impact and the ubiquity of OTRS-derived help-desk forks make this a meaningful risk for ticketing environments.

XSS Otrs Otrs Community Edition
NVD
EPSS 0% CVSS 5.7
MEDIUM This Month

Unintended internal ticket data exposure in OTRS 2026.3.1 occurs because the ticket article forwarding feature enforces the 'Is visible for customer' flag by default and provides no UI control to override it. Authenticated agents who forward ticket articles will inadvertently expose internal communications or notes to customers through the External Frontend without any warning or opt-out. No public exploit code exists and this is not listed in CISA KEV, but the high confidentiality impact (C:H in CVSS) makes this a meaningful data-leak risk for organizations handling sensitive support workflows.

Information Disclosure Otrs
NVD
EPSS 0% CVSS 5.3
MEDIUM This Month

Improper filtering of fields when using the export function in the ticket overview of the external interface in OTRS could allow an authorized user to download a list of tickets containing. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable. No vendor patch available.

Information Disclosure Otrs
NVD
EPSS 0% CVSS 7.5
HIGH This Week

An incorrect privilege assignment vulnerability in the inline editing functionality of OTRS can lead to privilege escalation. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable. No vendor patch available.

Privilege Escalation Otrs
NVD
EPSS 0% CVSS 6.5
MEDIUM This Month

When adding attachments to ticket comments, another user can add attachments as well impersonating the orginal user. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Otrs
NVD
EPSS 1% CVSS 7.5
HIGH This Week

Insertion of debug information into log file during building the elastic search index allows reading of sensitive information from articles.0.X through 7.0.48, from 8.0.X through 8.0.37, from 2023.X. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Elastic Information Disclosure Otrs
NVD
EPSS 0% CVSS 9.8
CRITICAL Act Now

Improper Input Validation vulnerability in the upload functionality for user avatars allows functionality misuse due to missing check of filetypes.0.X through 7.0.48, from 8.0.X through 8.0.37, from. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Otrs
NVD
EPSS 1% CVSS 7.5
HIGH This Week

A Vulnerability in OTRS AgentInterface and ExternalInterface allows the reading of plain text passwords which are send back to the client in the server response-0.X through 8.0.37. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Otrs
NVD
EPSS 0% CVSS 9.1
CRITICAL Act Now

The functions to fetch e-mail via POP3 or IMAP as well as sending e-mail via SMTP use OpenSSL for static SSL or TLS based communication. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

OpenSSL Information Disclosure Otrs
NVD
EPSS 0% CVSS 5.5
MEDIUM This Month

An attacker who is logged into OTRS as an user with privileges to create and change customer user data may manipulate the CustomerID field to execute JavaScript code that runs immediatly after the. Rated medium severity (CVSS 5.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Otrs
NVD
EPSS 0% CVSS 5.3
MEDIUM This Month

The loading of external images is not blocked, even if configured, if the attacker uses protocol-relative URL in the payload. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Otrs
NVD
EPSS 1% CVSS 8.8
HIGH This Week

Improper Input Validation vulnerability in the ContentType parameter for attachments on TicketCreate or TicketUpdate operations of the OTRS Generic Interface modules allows any authenticated attacker. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Code Injection Otrs
NVD
EPSS 0% CVSS 4.3
MEDIUM This Month

An improper privilege check in the OTRS ticket move action in the agent interface allows any as agent authenticated attacker to to perform a move of an ticket without the needed permission.0.X before. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Privilege Escalation Otrs
NVD
EPSS 1% CVSS 7.2
HIGH This Week

Improper Neutralization of commands allowed to be executed via OTRS System Configuration e.g. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Command Injection Otrs
NVD
EPSS 1% CVSS 8.1
HIGH This Week

Improper Authorization vulnerability in OTRS AG OTRS 8 (Websocket API backend) allows any as Agent authenticated attacker to track user behaviour and to gain live insight into overall system usage. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Authentication Bypass Otrs
NVD
EPSS 0% CVSS 7.8
HIGH This Week

Improper Input Validation vulnerability in OTRS AG OTRS (ACL modules), OTRS AG ((OTRS)) Community Edition (ACL modules) allows Local Execution of Code. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Code Injection Otrs
NVD
EPSS 0% CVSS 6.1
MEDIUM This Month

Improper Input Validation vulnerability in OTRS AG OTRS (Ticket Actions modules), OTRS AG ((OTRS)) Community Edition (Ticket Actions modules) allows Cross-Site Scripting (XSS).0.X before 7.0.42;. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Otrs
NVD
EPSS 1% CVSS 9.8
CRITICAL Act Now

Improper Input Validation vulnerability in OTRS AG OTRS, OTRS AG ((OTRS)) Community Edition allows SQL Injection via TicketSearch Webservice0.1 before 7.0.40 Patch 1, from 8.0.1 before 8.0.28 Patch. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

SQLi Otrs
NVD
EPSS 0% CVSS 7.5
HIGH This Week

Article template contents with sensitive data could be accessed from agents without permissions. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Otrs
NVD
EPSS 1% CVSS 6.5
MEDIUM This Month

An external attacker is able to send a specially crafted email (with many recipients) and trigger a potential DoS of the system. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Otrs
NVD
EPSS 1% CVSS 8.8
HIGH This Week

Attacker might be able to execute malicious Perl code in the Template toolkit, by having the admin installing an unverified 3th party package. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Otrs
NVD
EPSS 0% CVSS 4.8
MEDIUM This Month

An attacker who is logged into OTRS as an admin user may manipulate customer URL field to store JavaScript code to be run later by any other agent when clicking the customer URL link. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Otrs
NVD
EPSS 1% CVSS 4.8
MEDIUM This Month

An attacker who is logged into OTRS as an admin user may manipulate the URL to cause execution of JavaScript in the context of OTRS. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Otrs
NVD
EPSS 1% CVSS 5.3
MEDIUM This Month

Attacker is able to determine if the provided username exists (and it's valid) using Request New Password feature, based on the response time. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Otrs
NVD
EPSS 1% CVSS 5.3
MEDIUM This Month

A reply to a forwarded email article by a 3rd party could unintensionally expose the email content to the ticket customer under certain circumstances. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Otrs
NVD
EPSS 1% CVSS 5.3
MEDIUM This Month

When Secure::DisableBanner system configuration has been disabled and agent shares his calendar via public URL, received ICS file contains OTRS release number. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Calendar Resource Planning Otrs
NVD
EPSS 1% CVSS 4.3
MEDIUM This Month

Accounted time is shown in the Ticket Detail View (External Interface), even if ExternalFrontend::TicketDetailView###AccountedTimeDisplay is disabled. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Otrs
NVD
EPSS 0% CVSS 5.4
MEDIUM This Month

Malicious translator is able to inject JavaScript code in few translatable strings (where HTML is allowed). Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Otrs
NVD
EPSS 1% CVSS 4.3
MEDIUM This Month

Agents are able to lock the ticket without the "Owner" permission. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Otrs
NVD
EPSS 0% CVSS 4.9
MEDIUM This Month

Generated Support Bundles contains private S/MIME and PGP keys if containing folder is not hidden. Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Otrs
NVD
EPSS 1% CVSS 5.3
MEDIUM This Month

Malicious attacker is able to find out valid user logins by using the "lost password" feature. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Otrs
NVD
EPSS 1% CVSS 5.4
MEDIUM This Month

It's possible to craft a request for appointment edit screen, which could lead to the XSS attack. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Otrs
NVD
EPSS 1% CVSS 5.3
MEDIUM This Month

It's possible to create an email which can be stuck while being processed by PostMaster filters, causing DoS. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Otrs
NVD
EPSS 1% CVSS 6.1
MEDIUM This Month

It's possible to create an email which contains specially crafted link and it can be used to perform XSS attack. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Otrs
NVD
EPSS 1% CVSS 4.3
MEDIUM This Month

Agents are able to list appointments in the calendars without required permissions. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Otrs
NVD
EPSS 1% CVSS 4.3
MEDIUM This Month

Agents are able to list customer user emails without required permissions in the bulk action screen. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Otrs
NVD
EPSS 1% CVSS 6.5
MEDIUM This Month

Generated Support Bundles contains private S/MIME and PGP keys if containing folder is not hidden. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Otrs
NVD
EPSS 1% CVSS 7.5
HIGH This Week

There is a XSS vulnerability in the ticket overview screens. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Otrs
NVD
EPSS 1% CVSS 6.5
MEDIUM This Month

DoS attack can be performed when an email contains specially designed URL in the body. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Otrs
NVD
EPSS 1% CVSS 4.3
MEDIUM This Month

Agents are able to see linked FAQ articles without permissions (defined in FAQ Category). Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Privilege Escalation Faq Otrs
NVD
EPSS 1% CVSS 6.5
MEDIUM This Month

Article Bcc fields and agent personal information are shown when customer prints the ticket (PDF) via external interface. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Otrs
NVD
EPSS 1% CVSS 4.3
MEDIUM This Month

When OTRS uses multiple backends for user authentication (with LDAP), agents are able to login even if the account is set to invalid.0.9 and prior versions. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Otrs
NVD
EPSS 1% CVSS 5.3
MEDIUM This Month

Agent names that participates in a chat conversation are revealed in certain parts of the external interface as well as in chat transcriptions inside the tickets, when system is configured to mask. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Otrs
NVD
EPSS 1% CVSS 4.3
MEDIUM PATCH This Month

When an agent user is renamed or set to invalid the session belonging to the user is keept active. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity.

Information Disclosure Otrs
NVD
EPSS 1% CVSS 4.3
MEDIUM This Month

BCC recipients in mails sent from OTRS are visible in article detail on external interface.0.3 and prior versions, 7.0.17 and prior versions. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Otrs
NVD
EPSS 1% CVSS 4.9
MEDIUM This Month

When user downloads PGP or S/MIME keys/certificates, exported file has same name for private and public keys. Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Otrs Debian Linux
NVD
EPSS 2% CVSS 8.1
HIGH This Week

An attacker with the ability to generate session IDs or password reset tokens, either by being able to authenticate or by exploiting OSA-2020-09, may be able to predict other users session IDs,. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Otrs
NVD
EPSS 2% CVSS 7.5
HIGH PATCH This Week

It's possible to craft Lost Password requests with wildcards in the Token value, which allows attacker to retrieve valid Token(s), generated by users which already requested new passwords. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Information Disclosure Otrs Backports Sle +2
NVD
EPSS 1% CVSS 5.4
MEDIUM This Month

Attacker is able craft an article with a link to the customer address book with malicious content (JavaScript). Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Otrs
NVD
EPSS 1% CVSS 4.3
MEDIUM This Month

Support bundle generated files could contain sensitive information that might be unwanted to be disclosed. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Otrs Backports Sle +2
NVD
EPSS 1% CVSS 4.3
MEDIUM This Month

In the login screens (in agent and customer interface), Username and Password fields use autocomplete, which might be considered as security issue. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Otrs Backports Sle +1
NVD
EPSS 1% CVSS 5.4
MEDIUM This Month

The external frontend system uses numerous background calls to the backend. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Otrs
NVD
EPSS 1% CVSS 4.3
MEDIUM This Month

Agent A is able to save a draft (i.e. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Otrs Debian Linux
NVD
EPSS 1% CVSS 6.1
MEDIUM PATCH This Month

Due to improper handling of uploaded images it is possible in very unlikely and rare conditions to force the agents browser to execute malicious javascript from a special crafted SVG file rendered as. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

XSS Otrs Debian Linux
NVD
EPSS 1% CVSS 5.3
MEDIUM PATCH This Month

An improper control of parameters allows the spoofing of the from fields of the following screens: AgentTicketCompose, AgentTicketForward, AgentTicketBounce and AgentTicketEmailOutbound. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Information Disclosure Otrs Debian Linux +2
NVD
EPSS 2% CVSS 7.5
HIGH PATCH This Week

Improper Check for filenames with overly long extensions in PostMaster (sending in email) or uploading files (e.g. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Denial Of Service Otrs
NVD
EPSS 2% CVSS 6.5
MEDIUM PATCH This Month

An issue was discovered in Open Ticket Request System (OTRS) 7.0.x through 7.0.8, and Community Edition 5.0.x through 5.0.36 and 6.0.x through 6.0.19. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity.

Information Disclosure Otrs Debian Linux
NVD
EPSS 2% CVSS 6.5
MEDIUM PATCH This Month

An issue was discovered in Open Ticket Request System (OTRS) Community Edition 5.0.x through 5.0.36 and 6.0.x through 6.0.19. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

Information Disclosure Otrs Debian Linux
NVD
EPSS 2% CVSS 4.3
MEDIUM This Month

An issue was discovered in Open Ticket Request System (OTRS) 7.0.x through 7.0.7, Community Edition 6.0.x through 6.0.19, and Community Edition 5.0.x through 5.0.36. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Otrs Debian Linux
NVD
EPSS 2% CVSS 5.3
MEDIUM This Month

An issue was discovered in Open Ticket Request System (OTRS) 7.0.x through 7.0.8, Community Edition 6.0.x through 6.0.19, and Community Edition 5.0.x through 5.0.36. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Otrs Debian Linux
NVD
EPSS 1% CVSS 4.3
MEDIUM PATCH This Month

An issue was discovered in Open Ticket Request System (OTRS) 7.x before 7.0.5. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

Information Disclosure Otrs
NVD
EPSS 1% CVSS 6.5
MEDIUM This Month

An issue was discovered in Open Ticket Request System (OTRS) 5.x through 5.0.34, 6.x through 6.0.17, and 7.x through 7.0.6. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Otrs Debian Linux
NVD
EPSS 1% CVSS 5.4
MEDIUM PATCH This Month

An issue was discovered in Open Ticket Request System (OTRS) 7.x through 7.0.6 and Community Edition 5.0.x through 5.0.35 and 6.0.x through 6.0.17. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

XSS Otrs
NVD
EPSS 1% CVSS 5.4
MEDIUM PATCH This Month

An issue was discovered in Open Ticket Request System (OTRS) 7.x through 7.0.6, Community Edition 6.0.x through 6.0.17, and OTRSAppointmentCalendar 5.0.x through 5.0.12. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

XSS Otrs
NVD
EPSS 1% CVSS 5.4
MEDIUM PATCH This Month

An issue was discovered in Open Ticket Request System (OTRS) 5.x before 5.0.34, 6.x before 6.0.16, and 7.x before 7.0.4. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

XSS Otrs Backports Sle +1
NVD
EPSS 1% CVSS 4.8
MEDIUM PATCH This Month

An issue was discovered in Open Ticket Request System (OTRS) 6.x before 6.0.17 and 7.x before 7.0.5. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

XSS Otrs
NVD
EPSS 1% CVSS 4.3
MEDIUM PATCH This Month

An issue was discovered in OTRS 6.0.x before 6.0.7. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

Information Disclosure Otrs
NVD
EPSS 5% CVSS 7.2
HIGH POC This Week

In the Admin Package Manager in Open Ticket Request System (OTRS) 5.0.0 through 5.0.24 and 6.0.0 through 6.0.1, authenticated admins are able to exploit a Blind Remote Code Execution vulnerability by. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

File Upload RCE Otrs
NVD
EPSS 1% CVSS 8.8
HIGH PATCH This Week

Open Ticket Request System (OTRS) 4.0.x before 4.0.28, 5.0.x before 5.0.26, and 6.0.x before 6.0.3, when cookie support is disabled, might allow remote attackers to hijack web sessions and. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

Information Disclosure Otrs Debian Linux
NVD GitHub
EPSS 0% CVSS 6.5
MEDIUM This Month

In Open Ticket Request System (OTRS) through 3.3.20, 4 through 4.0.26, 5 through 5.0.24, and 6 through 6.0.1, an attacker who is logged in as a customer can use the ticket search form to disclose. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Otrs Debian Linux
NVD
EPSS 34% 4.3 CVSS 8.8
HIGH POC PATCH THREAT Act Now

In OTRS 6.0.x up to and including 6.0.1, OTRS 5.0.x up to and including 5.0.24, and OTRS 4.0.x up to and including 4.0.26, an attacker who is logged into OTRS as an agent can manipulate form. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and EPSS exploitation probability 33.9%.

Command Injection Otrs Debian Linux
NVD Exploit-DB
EPSS 1% CVSS 8.8
HIGH PATCH This Week

Code injection exists in Kernel/System/Spelling.pm in Open Ticket Request System (OTRS) 5 before 5.0.24, 4 before 4.0.26, and 3.3 before 3.3.20. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity.

RCE Code Injection Otrs +1
NVD
EPSS 1% CVSS 8.8
HIGH This Week

In the Agent Frontend in Open Ticket Request System (OTRS) 3.3.x through 3.3.18, with a crafted URL it is possible to gain information like database user and password. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Otrs Debian Linux
NVD
EPSS 1% CVSS 8.8
HIGH This Week

In Open Ticket Request System (OTRS) 3.3.x before 3.3.18, 4.x before 4.0.25, and 5.x before 5.0.23, remote authenticated users can leverage statistics-write permissions to gain privileges via code. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Code Injection Otrs
NVD
EPSS 1% CVSS 8.8
HIGH This Week

In Open Ticket Request System (OTRS) 3.3.x through 3.3.16, 4.x through 4.0.23, and 5.x through 5.0.19, an attacker with agent permission is capable of opening a specific URL in a browser to gain. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Privilege Escalation Otrs Debian Linux
NVD
EPSS 0% CVSS 6.1
MEDIUM POC This Month

Open Ticket Request System (OTRS) 3.3.9 has XSS in index.pl?Action=AgentStats requests, as demonstrated by OrderBy=[XSS] and Direction=[XSS] attacks. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

XSS Otrs
NVD
EPSS 0% CVSS 6.1
MEDIUM This Month

Cross-site scripting (XSS) vulnerability in Open Ticket Request System (OTRS) 3.3.x before 3.3.16, 4.0.x before 4.0.19, and 5.0.x before 5.0.14 allows remote attackers to inject arbitrary web script. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Otrs
NVD
EPSS 0% CVSS 4.3
MEDIUM This Month

OTRS 3.1.x before 3.1.21, 3.2.x before 3.2.16, and 3.3.x before 3.3.6 allows remote attackers to conduct clickjacking attacks via an IFRAME element. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

Information Disclosure Opensuse Otrs
NVD VulDB
EPSS 0% CVSS 3.5
LOW Monitor

Cross-site scripting (XSS) vulnerability in Open Ticket Request System (OTRS) 3.1.x before 3.1.21, 3.2.x before 3.2.16, and 3.3.x before 3.3.6 allows remote authenticated users to inject arbitrary. Rated low severity (CVSS 3.5), this vulnerability is remotely exploitable. No vendor patch available.

XSS Otrs
NVD VulDB
EPSS 4% CVSS 4.3
MEDIUM POC This Month

Cross-site scripting (XSS) vulnerability in Open Ticket Request System (OTRS) 3.1.x before 3.1.20, 3.2.x before 3.2.15, and 3.3.x before 3.3.5 allows remote attackers to inject arbitrary web script. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. Public exploit code available and no vendor patch available.

XSS Otrs
NVD Exploit-DB
EPSS 1% CVSS 6.8
MEDIUM POC PATCH This Month

Multiple cross-site request forgery (CSRF) vulnerabilities in (1) CustomerPreferences.pm, (2) CustomerTicketMessage.pm, (3) CustomerTicketProcess.pm, and (4) CustomerTicketZoom.pm in Kernel/Modules/. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable. Public exploit code available.

CSRF Otrs
NVD GitHub
EPSS 2% CVSS 7.5
HIGH PATCH This Week

SQL injection vulnerability in the StateGetStatesByType function in Kernel/System/State.pm in Open Ticket Request System (OTRS) 3.1.x before 3.1.19, 3.2.x before 3.2.14, and 3.3.x before 3.3.4 allows. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity.

SQLi Otrs
NVD GitHub
EPSS 6% CVSS 4.3
MEDIUM POC This Month

Cross-site scripting (XSS) vulnerability in Open Ticket Request System (OTRS) Help Desk 2.4.x before 2.4.15, 3.0.x before 3.0.17, and 3.1.x before 3.1.11 allows remote attackers to inject arbitrary. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. Public exploit code available and no vendor patch available.

XSS Otrs
NVD Exploit-DB
EPSS 7% CVSS 2.6
LOW POC Monitor

Cross-site scripting (XSS) vulnerability in Open Ticket Request System (OTRS) Help Desk 2.4.x before 2.4.14, 3.0.x before 3.0.16, and 3.1.x before 3.1.10, when Firefox or Opera is used, allows remote. Rated low severity (CVSS 2.6), this vulnerability is remotely exploitable. Public exploit code available and no vendor patch available.

Mozilla XSS Otrs +1
NVD Exploit-DB
Page 1 of 2 Next

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy