Описание
Open Ticket Request System (OTRS) 4.0.x before 4.0.28, 5.0.x before 5.0.26, and 6.0.x before 6.0.3, when cookie support is disabled, might allow remote attackers to hijack web sessions and consequently gain privileges via a crafted email.
| Релиз | Статус | Примечание |
|---|---|---|
| artful | ignored | end of life |
| bionic | not-affected | 6.0.3-1 |
| cosmic | not-affected | 6.0.3-1 |
| devel | DNE | |
| disco | not-affected | 6.0.3-1 |
| eoan | not-affected | 6.0.3-1 |
| esm-apps/bionic | not-affected | 6.0.3-1 |
| esm-apps/focal | not-affected | 6.0.3-1 |
| esm-apps/jammy | not-affected | 6.0.3-1 |
| esm-apps/xenial | needed |
Показывать по
Ссылки на источники
6.8 Medium
CVSS2
8.8 High
CVSS3
Связанные уязвимости
Open Ticket Request System (OTRS) 4.0.x before 4.0.28, 5.0.x before 5.0.26, and 6.0.x before 6.0.3, when cookie support is disabled, might allow remote attackers to hijack web sessions and consequently gain privileges via a crafted email.
Open Ticket Request System (OTRS) 4.0.x before 4.0.28, 5.0.x before 5. ...
Open Ticket Request System (OTRS) 4.0.x before 4.0.28, 5.0.x before 5.0.26, and 6.0.x before 6.0.3, when cookie support is disabled, might allow remote attackers to hijack web sessions and consequently gain privileges via a crafted email.
6.8 Medium
CVSS2
8.8 High
CVSS3