Vulnerabilities > Otrs > Otrs > 6.0.5

DATE CVE VULNERABILITY TITLE RISK
2020-03-19 CVE-2019-16375 Cross-site Scripting vulnerability in Otrs
An issue was discovered in Open Ticket Request System (OTRS) 7.0.x through 7.0.11, and Community Edition 5.0.x through 5.0.37 and 6.0.x through 6.0.22.
network
low complexity
otrs CWE-79
5.4
5.4
2020-01-10 CVE-2020-1767 Agent A is able to save a draft (i.e.
network
low complexity
otrs debian
4.3
4.3
2020-01-10 CVE-2020-1766 Cross-site Scripting vulnerability in multiple products
Due to improper handling of uploaded images it is possible in very unlikely and rare conditions to force the agents browser to execute malicious javascript from a special crafted SVG file rendered as inline jpg file.
network
low complexity
otrs debian CWE-79
6.1
6.1
2020-01-10 CVE-2020-1765 An improper control of parameters allows the spoofing of the from fields of the following screens: AgentTicketCompose, AgentTicketForward, AgentTicketBounce and AgentTicketEmailOutbound.
network
low complexity
otrs debian opensuse
5.3
5.3
2020-01-06 CVE-2019-18179 An issue was discovered in Open Ticket Request System (OTRS) 7.0.x through 7.0.12, and Community Edition 5.0.x through 5.0.38 and 6.0.x through 6.0.23.
network
low complexity
otrs debian opensuse
4.3
4.3
2019-12-05 CVE-2019-18180 Infinite Loop vulnerability in Otrs
Improper Check for filenames with overly long extensions in PostMaster (sending in email) or uploading files (e.g.
network
low complexity
otrs CWE-835
7.5
7.5
2019-08-21 CVE-2019-13458 An issue was discovered in Open Ticket Request System (OTRS) 7.0.x through 7.0.8, and Community Edition 5.0.x through 5.0.36 and 6.0.x through 6.0.19.
network
low complexity
otrs debian
6.5
6.5
2019-08-21 CVE-2019-12746 Information Exposure vulnerability in multiple products
An issue was discovered in Open Ticket Request System (OTRS) Community Edition 5.0.x through 5.0.36 and 6.0.x through 6.0.19.
network
low complexity
otrs debian CWE-200
6.5
6.5
2019-07-08 CVE-2018-11563 An issue was discovered in Open Ticket Request System (OTRS) 6.0.x through 6.0.7.
network
low complexity
otrs debian
4.6
4.6
2019-06-17 CVE-2019-12248 An issue was discovered in Open Ticket Request System (OTRS) 7.0.x through 7.0.7, Community Edition 6.0.x through 6.0.19, and Community Edition 5.0.x through 5.0.36.
network
low complexity
otrs debian
4.3
4.3