Описание
In Open Ticket Request System (OTRS) through 3.3.20, 4 through 4.0.26, 5 through 5.0.24, and 6 through 6.0.1, an attacker who is logged in as a customer can use the ticket search form to disclose internal article information of their customer tickets.
| Релиз | Статус | Примечание |
|---|---|---|
| artful | ignored | end of life |
| bionic | not-affected | 6.0.5-1 |
| cosmic | not-affected | 6.0.5-1 |
| devel | DNE | |
| disco | not-affected | 6.0.5-1 |
| eoan | not-affected | 6.0.5-1 |
| esm-apps/bionic | not-affected | 6.0.5-1 |
| esm-apps/focal | not-affected | 6.0.5-1 |
| esm-apps/jammy | not-affected | 6.0.5-1 |
| esm-apps/xenial | needed |
Показывать по
EPSS
4 Medium
CVSS2
6.5 Medium
CVSS3
Связанные уязвимости
In Open Ticket Request System (OTRS) through 3.3.20, 4 through 4.0.26, 5 through 5.0.24, and 6 through 6.0.1, an attacker who is logged in as a customer can use the ticket search form to disclose internal article information of their customer tickets.
In Open Ticket Request System (OTRS) through 3.3.20, 4 through 4.0.26, ...
In Open Ticket Request System (OTRS) through 3.3.20, 4 through 4.0.26, 5 through 5.0.24, and 6 through 6.0.1, an attacker who is logged in as a customer can use the ticket search form to disclose internal article information of their customer tickets.
EPSS
4 Medium
CVSS2
6.5 Medium
CVSS3