Vulnerabilidades en OTRS AG
81 resultadosCVE-2020-1772MEDIUMInformation DisclosureEPSS 1.6%CVE-2020-1773HIGHSession / Password / Password token leakEPSS 1.5%CVE-2020-1765LOWSpoofing of From field in several screensEPSS 1.5%CVE-2020-1770LOWInformation disclosure in support bundle filesEPSS 1.3%CVE-2021-36100MEDIUMAuthenticated remote code executionEPSS 1.3%CVE-2020-1766LOWImproper handling of uploaded inline imagesEPSS 1.3%CVE-2021-21435MEDIUMInformation exposure in PDF exportEPSS 1.3%CVE-2020-1769LOWAutocomplete in the form login screensEPSS 1.3%CVE-2020-1767LOWPossible to send drafted messages as wrong agentEPSS 1.2%CVE-2021-21441HIGHXSS in the ticket overview screensEPSS 1.2%CVE-2021-36093MEDIUMDoS attack using PostMaster filtersEPSS 1.1%CVE-2020-1779MEDIUMDynamic templates reveal sensitive data when OTRS tags are usedEPSS 1.0%CVE-2021-21439MEDIUMPossible DoS attack using a special crafted URL in email bodyEPSS 1.0%CVE-2020-1776LOWInvalidating or changing user does not invalidate sessionEPSS 0.9%CVE-2021-36095MEDIUMUser enumeration issue using "lost password" featureEPSS 0.9%CVE-2020-1774MEDIUMInformation disclosureEPSS 0.9%CVE-2021-21443LOWUnautorized listing of the customer user emailsEPSS 0.9%CVE-2020-1771MEDIUMPossible XSS in Customer user address bookEPSS 0.8%CVE-2020-1777MEDIUMAgent names disclosed in chat featureEPSS 0.8%CVE-2020-1775LOWInformation disclosure in external interfaceEPSS 0.8%