Vulnerabilities > CVE-2023-38059 - Unspecified vulnerability in Otrs
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
LOW Integrity impact
NONE Availability impact
NONE Summary
The loading of external images is not blocked, even if configured, if the attacker uses protocol-relative URL in the payload. This can be used to retreive the IP of the user.This issue affects OTRS: from 7.0.X before 7.0.47, from 8.0.X before 8.0.37; ((OTRS)) Community Edition: from 6.0.X through 6.0.34.