Описание
An issue was discovered in Open Ticket Request System (OTRS) 6.0.x through 6.0.9, 5.0.x through 5.0.28, and 4.0.x through 4.0.30. An attacker who is logged into OTRS as an agent may escalate their privileges by accessing a specially crafted URL.
| Релиз | Статус | Примечание |
|---|---|---|
| bionic | ignored | end of standard support, was needed |
| cosmic | not-affected | 6.0.10-1 |
| devel | DNE | |
| disco | not-affected | 6.0.10-1 |
| eoan | not-affected | 6.0.10-1 |
| esm-apps/bionic | needed | |
| esm-apps/focal | not-affected | 6.0.10-1 |
| esm-apps/jammy | not-affected | 6.0.10-1 |
| esm-apps/xenial | needed | |
| esm-infra-legacy/trusty | DNE | trusty/esm was DNE [trusty was needs-triage] |
Показывать по
6.5 Medium
CVSS2
8.8 High
CVSS3
Связанные уязвимости
An issue was discovered in Open Ticket Request System (OTRS) 6.0.x through 6.0.9, 5.0.x through 5.0.28, and 4.0.x through 4.0.30. An attacker who is logged into OTRS as an agent may escalate their privileges by accessing a specially crafted URL.
An issue was discovered in Open Ticket Request System (OTRS) 6.0.x thr ...
An issue was discovered in Open Ticket Request System (OTRS) 6.0.x through 6.0.9, 5.0.x through 5.0.28, and 4.0.x through 4.0.30. An attacker who is logged into OTRS as an agent may escalate their privileges by accessing a specially crafted URL.
6.5 Medium
CVSS2
8.8 High
CVSS3