Описание
Open Ticket Request System (OTRS) 4.0.x before 4.0.28, 5.0.x before 5.0.26, and 6.0.x before 6.0.3, when cookie support is disabled, might allow remote attackers to hijack web sessions and consequently gain privileges via a crafted email.
Ссылки
- PatchThird Party Advisory
- PatchThird Party Advisory
- PatchThird Party Advisory
- Mailing ListThird Party Advisory
- Third Party Advisory
- PatchVendor Advisory
- PatchThird Party Advisory
- PatchThird Party Advisory
- PatchThird Party Advisory
- Mailing ListThird Party Advisory
- Third Party Advisory
- PatchVendor Advisory
Уязвимые конфигурации
Одно из
Одно из
EPSS
8.8 High
CVSS3
6.8 Medium
CVSS2
Дефекты
Связанные уязвимости
Open Ticket Request System (OTRS) 4.0.x before 4.0.28, 5.0.x before 5.0.26, and 6.0.x before 6.0.3, when cookie support is disabled, might allow remote attackers to hijack web sessions and consequently gain privileges via a crafted email.
Open Ticket Request System (OTRS) 4.0.x before 4.0.28, 5.0.x before 5. ...
Open Ticket Request System (OTRS) 4.0.x before 4.0.28, 5.0.x before 5.0.26, and 6.0.x before 6.0.3, when cookie support is disabled, might allow remote attackers to hijack web sessions and consequently gain privileges via a crafted email.
EPSS
8.8 High
CVSS3
6.8 Medium
CVSS2