otrs ag Otrs Vulnerabilities
Otrs%20ag Otrs vulnerabilities.
Vulnerability Published:
ποΈ Published
- Anytime
Sort By:
ποΈ Published Date
- Descending
Session Hijacking Vulnerability in OTRS Application Server
CVE-2025-24387Otrs AgOtrs6.5MEDIUMSession Hijacking Vulnerability in OTRS Application Server
CVE-2025-24390Otrs AgOtrs6.8MEDIUMLog Information Disclosure in OTRS by OTRS AG
CVE-2025-24389Otrs AgOtrs6.3MEDIUMImproper Privilege Management in OTRS Affects Multiple Versions
CVE-2024-43446Otrs AgOtrs3.5LOWContent-Type Sniffing Vulnerability in OTRS by OTRS AG
CVE-2024-43445Otrs AgOtrs5.4MEDIUMPlain Text Passwords Displayed in OTRS Admin Log Module
CVE-2024-43444Otrs AgOtrs8.2HIGHCross-Site Scripting (XSS) Vulnerability Affects OTRS and Community Edition
CVE-2024-43443Otrs AgOtrs4.9MEDIUMImproper Neutralization of Input Leads to Cross-Site Scripting Vulnerability in OTRS
CVE-2024-43442Otrs AgOtrs4.9MEDIUMIncorrect Privilege Assignment in Inline Editing Can Lead to Privilege Escalation
CVE-2024-23794Otrs AgOtrs7.5HIGHUpload of files outside application directory
CVE-2024-23793Otrs AgOtrs6.3MEDIUMMissing file type check in avatar picture upload
CVE-2024-23790OTRS AGOTRS9.8CRITICALUnnecessary data is written to log if issues during indexing occurs
CVE-2024-23791OTRS AGOTRS7.5HIGHInsufficient access control
CVE-2024-23792OTRS AGOTRS6.5MEDIUMPassword is send back to client
CVE-2023-6254Otrs AgOtrs8.1HIGHExternal pictures can be loaded even if not allowed by configuration
CVE-2023-38059Otrs AgOtrs5.3MEDIUMPossible XSS execution in customer information
CVE-2023-5421OTRS AGOTRS5.5MEDIUMSSL Certificates are not checked for E-Mail Handling
CVE-2023-5422OTRS AGOTRS9.1CRITICALCode execution via System Configuration
CVE-2023-38056OTRS AGOTRS7.2HIGHXSS stored in survey answers
CVE-2023-38057Otrs AgOtrs4.1MEDIUMTickets can be moved without permissions
CVE-2023-38058Otrs AgOtrs4.1MEDIUMHost header injection by attachments in web service
CVE-2023-38060Otrs AgOtrs8.8HIGHInformation disclouse and DoS via websocket push events
CVE-2023-2534Otrs AgOtrs7.6HIGHPossible XSS in Ticket Actions
CVE-2023-1248Otrs AgOtrs6.1MEDIUMCode execution through ACL creation
CVE-2023-1250Otrs AgOtrs7.4HIGHSQL Injection via OTRS Search API
CVE-2022-4427Otrs AgOtrs6.5MEDIUM