← voltar
CVE-2021-21435

Information exposure in PDF export

CVSS 5.7 MEDIUMEPSS 1.3%CWE-200
Article Bcc fields and agent personal information are shown when customer prints the ticket (PDF) via external interface. This issue affects: OTRS AG OTRS 7.0.x version 7.0.23 and prior versions; 8.0.x version 8.0.10 and prior versions.
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N
Produtos afetados
OTRS AG · OTRS

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →
Referências
https://otrs.com/release-notes/otrs-security-advisory-2021-02/