Vulnerabilities > Otrs > Otrs > 6.0.2
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2019-06-17 | CVE-2019-12497 | Information Exposure vulnerability in multiple products An issue was discovered in Open Ticket Request System (OTRS) 7.0.x through 7.0.8, Community Edition 6.0.x through 6.0.19, and Community Edition 5.0.x through 5.0.36. | 5.3 |
2019-05-22 | CVE-2019-9892 | XML Injection (aka Blind XPath Injection) vulnerability in multiple products An issue was discovered in Open Ticket Request System (OTRS) 5.x through 5.0.34, 6.x through 6.0.17, and 7.x through 7.0.6. | 6.5 |
2019-05-22 | CVE-2019-10067 | Cross-site Scripting vulnerability in Otrs An issue was discovered in Open Ticket Request System (OTRS) 7.x through 7.0.6 and Community Edition 5.0.x through 5.0.35 and 6.0.x through 6.0.17. | 5.4 |
2019-05-22 | CVE-2019-10066 | Cross-site Scripting vulnerability in Otrs An issue was discovered in Open Ticket Request System (OTRS) 7.x through 7.0.6, Community Edition 6.0.x through 6.0.17, and OTRSAppointmentCalendar 5.0.x through 5.0.12. | 3.5 |
2019-03-13 | CVE-2019-9752 | Cross-site Scripting vulnerability in multiple products An issue was discovered in Open Ticket Request System (OTRS) 5.x before 5.0.34, 6.x before 6.0.16, and 7.x before 7.0.4. | 3.5 |
2019-03-13 | CVE-2019-9751 | Cross-site Scripting vulnerability in Otrs An issue was discovered in Open Ticket Request System (OTRS) 6.x before 6.0.17 and 7.x before 7.0.5. | 3.5 |
2018-06-06 | CVE-2018-10198 | Information Exposure vulnerability in Otrs An issue was discovered in OTRS 6.0.x before 6.0.7. | 4.0 |
2017-12-20 | CVE-2017-17476 | Information Exposure vulnerability in multiple products Open Ticket Request System (OTRS) 4.0.x before 4.0.28, 5.0.x before 5.0.26, and 6.0.x before 6.0.3, when cookie support is disabled, might allow remote attackers to hijack web sessions and consequently gain privileges via a crafted email. | 6.8 |