Uncontrolled Resource Consumption in OTRS Admin Interface
CVE-2026-6060
4.5 MEDIUM
What is CVE-2026-6060?
An issue in the SQL Box within the admin interface of OTRS can lead to uncontrolled resource consumption. This may result in denial-of-service conditions that affect the web server's availability and degrade system performance. Users of OTRS should be aware of this issue and implement the necessary mitigations.
Affected Version(s)
OTRS 7.0.x
OTRS 8.0.x
OTRS 2023.x
References
CVSS V3.1
Score: 4.5
Severity: MEDIUM
Confidentiality: None
Integrity: None
Availability: None
Attack Vector: Network
Attack Complexity: Low
Privileges Required: High
User Interaction: Required
Scope: Unchanged
Timeline
Vulnerability published
Vulnerability Reserved
Credit
Special thanks to Matthias Terlinde for reporting this vulnerability.
