Debian Otrs2 vulnerabilities
102 known vulnerabilities affecting debian/otrs2.
Total CVEs
102
CISA KEV
1
actively exploited
Public exploits
9
Exploited in wild
3
Severity breakdown
HIGH11MEDIUM55LOW36
Vulnerabilities
Page 1 of 6
CVE-2020-11023P1MEDIUMCVSS 6.9KEVPoCfixed in node-jquery 3.5.0+dfsg-2 (bookworm)2020
CVE-2020-11023 [MEDIUM] CVE-2020-11023: node-jquery - In jQuery versions greater than or equal to 1.0.3 and before 3.5.0, passing HTML...
In jQuery versions greater than or equal to 1.0.3 and before 3.5.0, passing HTML containing elements from untrusted sources - even after sanitizing it - to one of jQuery's DOM manipulation methods (i.e. .html(), .append(), and others) may execute untrusted code. This problem is patched in jQuery 3.5.0.
Scope: local
bookworm: resolved (fixed in 3.5.0+dfsg-2)
bu
debian
CVE-2020-11022P1MEDIUMCVSS 6.9ExploitedPoCfixed in node-jquery 3.5.0+dfsg-2 (bookworm)2020
CVE-2020-11022 [MEDIUM] CVE-2020-11022: node-jquery - In jQuery versions greater than or equal to 1.2 and before 3.5.0, passing HTML f...
In jQuery versions greater than or equal to 1.2 and before 3.5.0, passing HTML from untrusted sources - even after sanitizing it - to one of jQuery's DOM manipulation methods (i.e. .html(), .append(), and others) may execute untrusted code. This problem is patched in jQuery 3.5.0.
Scope: local
bookworm: resolved (fixed in 3.5.0+dfsg-2)
bullseye: resolved (fixe
debian
CVE-2019-11358P2MEDIUMCVSS 6.1ExploitedPoCfixed in mediawiki 1:1.31.2-1 (bookworm)2019
CVE-2019-11358 [MEDIUM] CVE-2019-11358: mediawiki - jQuery before 3.4.0, as used in Drupal, Backdrop CMS, and other products, mishan...
jQuery before 3.4.0, as used in Drupal, Backdrop CMS, and other products, mishandles jQuery.extend(true, {}, ...) because of Object.prototype pollution. If an unsanitized source object contained an enumerable __proto__ property, it could extend the native Object.prototype.
Scope: local
bookworm: resolved (fixed in 1:1.31.2-1)
bullseye: resolved (fixed in 1:1.31.
debian
CVE-2017-16921P2HIGHCVSS 8.8PoCfixed in otrs2 6.0.2-1 (bullseye)2017
CVE-2017-16921 [HIGH] CVE-2017-16921: otrs2 - In OTRS 6.0.x up to and including 6.0.1, OTRS 5.0.x up to and including 5.0.24, ...
In OTRS 6.0.x up to and including 6.0.1, OTRS 5.0.x up to and including 5.0.24, and OTRS 4.0.x up to and including 4.0.26, an attacker who is logged into OTRS as an agent can manipulate form parameters (related to PGP) and execute arbitrary shell commands with the permissions of the OTRS or web server user.
Scope: local
bullseye: resolved (fixed in 6.0.2-1)
debian
CVE-2017-16664P3HIGHCVSS 8.8fixed in otrs2 5.0.24-1 (bullseye)2017
CVE-2017-16664 [HIGH] CVE-2017-16664: otrs2 - Code injection exists in Kernel/System/Spelling.pm in Open Ticket Request System...
Code injection exists in Kernel/System/Spelling.pm in Open Ticket Request System (OTRS) 5 before 5.0.24, 4 before 4.0.26, and 3.3 before 3.3.20. In the agent interface, an authenticated remote attacker can execute shell commands as the webserver user via URL manipulation.
Scope: local
bullseye: resolved (fixed in 5.0.24-1)
debian
CVE-2013-4717P3HIGHCVSS 8.8fixed in otrs2 3.2.9-1 (bullseye)2013
CVE-2013-4717 [HIGH] CVE-2013-4717: otrs2 - Multiple SQL injection vulnerabilities in Open Ticket Request System (OTRS) Help...
Multiple SQL injection vulnerabilities in Open Ticket Request System (OTRS) Help Desk 3.0.x before 3.0.22, 3.1.x before 3.1.18, and 3.2.x before 3.2.9 allow remote authenticated users to execute arbitrary SQL commands via unspecified vectors related to Kernel/Output/HTML/PreferencesCustomQueue.pm, Kernel/System/CustomerCompany.pm, Kernel/System/Ticket/IndexAccelerator/R
debian
CVE-2022-4427P3MEDIUMCVSS 6.5fixed in znuny 6.4.5-1 (bookworm)2022
CVE-2022-4427 [MEDIUM] CVE-2022-4427: otrs2 - Improper Input Validation vulnerability in OTRS AG OTRS, OTRS AG ((OTRS)) Commun...
Improper Input Validation vulnerability in OTRS AG OTRS, OTRS AG ((OTRS)) Community Edition allows SQL Injection via TicketSearch Webservice This issue affects OTRS: from 7.0.1 before 7.0.40 Patch 1, from 8.0.1 before 8.0.28 Patch 1; ((OTRS)) Community Edition: from 6.0.1 through 6.0.34.
Scope: local
bullseye: open
debian
CVE-2017-9324P3HIGHCVSS 8.8fixed in otrs2 5.0.20-1 (bullseye)2017
CVE-2017-9324 [HIGH] CVE-2017-9324: otrs2 - In Open Ticket Request System (OTRS) 3.3.x through 3.3.16, 4.x through 4.0.23, a...
In Open Ticket Request System (OTRS) 3.3.x through 3.3.16, 4.x through 4.0.23, and 5.x through 5.0.19, an attacker with agent permission is capable of opening a specific URL in a browser to gain administrative privileges / full access. Afterward, all system settings can be read and changed. The URLs in question contain index.pl?Action=Installer with ;Subaction=Intro or
debian
CVE-2017-14635P3HIGHCVSS 8.8fixed in otrs2 5.0.23-1 (bullseye)2017
CVE-2017-14635 [HIGH] CVE-2017-14635: otrs2 - In Open Ticket Request System (OTRS) 3.3.x before 3.3.18, 4.x before 4.0.25, and...
In Open Ticket Request System (OTRS) 3.3.x before 3.3.18, 4.x before 4.0.25, and 5.x before 5.0.23, remote authenticated users can leverage statistics-write permissions to gain privileges via code injection.
Scope: local
bullseye: resolved (fixed in 5.0.23-1)
debian
CVE-2023-38060P3MEDIUMCVSS 6.3fixed in znuny 6.5.3-1 (forky)2023
CVE-2023-38060 [MEDIUM] CVE-2023-38060: otrs2 - Improper Input Validation vulnerability in the ContentType parameter for attachm...
Improper Input Validation vulnerability in the ContentType parameter for attachments on TicketCreate or TicketUpdate operations of the OTRS Generic Interface modules allows any authenticated attacker to to perform an host header injection for the ContentType header of the attachment. This issue affects OTRS: from 7.0.X before 7.0.45, from 8.0.X before 8.0.35; ((OTRS
debian
CVE-2021-41184P3MEDIUMCVSS 6.5fixed in jqueryui 1.13.0+dfsg-1 (bookworm)2021
CVE-2021-41184 [MEDIUM] CVE-2021-41184: jqueryui - jQuery-UI is the official jQuery user interface library. Prior to version 1.13.0...
jQuery-UI is the official jQuery user interface library. Prior to version 1.13.0, accepting the value of the `of` option of the `.position()` util from untrusted sources may execute untrusted code. The issue is fixed in jQuery UI 1.13.0. Any string value passed to the `of` option is now treated as a CSS selector. A workaround is to not accept the value of the `of
debian
CVE-2018-14593P3HIGHCVSS 8.8fixed in otrs2 6.0.10-1 (bullseye)2018
CVE-2018-14593 [HIGH] CVE-2018-14593: otrs2 - An issue was discovered in Open Ticket Request System (OTRS) 6.0.x through 6.0.9...
An issue was discovered in Open Ticket Request System (OTRS) 6.0.x through 6.0.9, 5.0.x through 5.0.28, and 4.0.x through 4.0.30. An attacker who is logged into OTRS as an agent may escalate their privileges by accessing a specially crafted URL.
Scope: local
bullseye: resolved (fixed in 6.0.10-1)
debian
CVE-2021-41182P3MEDIUMCVSS 6.5fixed in jqueryui 1.13.0+dfsg-1 (bookworm)2021
CVE-2021-41182 [MEDIUM] CVE-2021-41182: jqueryui - jQuery-UI is the official jQuery user interface library. Prior to version 1.13.0...
jQuery-UI is the official jQuery user interface library. Prior to version 1.13.0, accepting the value of the `altField` option of the Datepicker widget from untrusted sources may execute untrusted code. The issue is fixed in jQuery UI 1.13.0. Any string value passed to the `altField` option is now treated as a CSS selector. A workaround is to not accept the value
debian
CVE-2017-15864P3HIGHCVSS 8.8fixed in otrs2 4.0.7-2 (bullseye)2017
CVE-2017-15864 [HIGH] CVE-2017-15864: otrs2 - In the Agent Frontend in Open Ticket Request System (OTRS) 3.3.x through 3.3.18,...
In the Agent Frontend in Open Ticket Request System (OTRS) 3.3.x through 3.3.18, with a crafted URL it is possible to gain information like database user and password.
Scope: local
bullseye: resolved (fixed in 4.0.7-2)
debian
CVE-2011-0456P3HIGHCVSS 7.5fixed in otrs2 2.4.5-1 (bullseye)2011
CVE-2011-0456 [HIGH] CVE-2011-0456: otrs2 - webscript.pl in Open Ticket Request System (OTRS) 2.3.4 and earlier allows remot...
webscript.pl in Open Ticket Request System (OTRS) 2.3.4 and earlier allows remote attackers to execute arbitrary commands via unspecified vectors, related to a "command injection vulnerability."
Scope: local
bullseye: resolved (fixed in 2.4.5-1)
debian
CVE-2017-17476P3HIGHCVSS 8.8fixed in otrs2 6.0.3-1 (bullseye)2017
CVE-2017-17476 [HIGH] CVE-2017-17476: otrs2 - Open Ticket Request System (OTRS) 4.0.x before 4.0.28, 5.0.x before 5.0.26, and ...
Open Ticket Request System (OTRS) 4.0.x before 4.0.28, 5.0.x before 5.0.26, and 6.0.x before 6.0.3, when cookie support is disabled, might allow remote attackers to hijack web sessions and consequently gain privileges via a crafted email.
Scope: local
bullseye: resolved (fixed in 6.0.3-1)
debian
CVE-2014-1695P4MEDIUMCVSS 4.3PoCfixed in otrs2 3.3.5-1 (bullseye)2014
CVE-2014-1695 [MEDIUM] CVE-2014-1695: otrs2 - Cross-site scripting (XSS) vulnerability in Open Ticket Request System (OTRS) 3....
Cross-site scripting (XSS) vulnerability in Open Ticket Request System (OTRS) 3.1.x before 3.1.20, 3.2.x before 3.2.15, and 3.3.x before 3.3.5 allows remote attackers to inject arbitrary web script or HTML via a crafted HTML email.
Scope: local
bullseye: resolved (fixed in 3.3.5-1)
debian
CVE-2012-4751P4MEDIUMCVSS 4.3PoCfixed in otrs2 3.1.7+dfsg1-6 (bullseye)2012
CVE-2012-4751 [MEDIUM] CVE-2012-4751: otrs2 - Cross-site scripting (XSS) vulnerability in Open Ticket Request System (OTRS) He...
Cross-site scripting (XSS) vulnerability in Open Ticket Request System (OTRS) Help Desk 2.4.x before 2.4.15, 3.0.x before 3.0.17, and 3.1.x before 3.1.11 allows remote attackers to inject arbitrary web script or HTML via an e-mail message body with whitespace before a javascript: URL in the SRC attribute of an element, as demonstrated by an IFRAME element.
Scope: loca
debian
CVE-2014-1471P3LOWCVSS 7.5fixed in otrs2 3.3.4-1 (bullseye)2014
CVE-2014-1471 [HIGH] CVE-2014-1471: otrs2 - SQL injection vulnerability in the StateGetStatesByType function in Kernel/Syste...
SQL injection vulnerability in the StateGetStatesByType function in Kernel/System/State.pm in Open Ticket Request System (OTRS) 3.1.x before 3.1.19, 3.2.x before 3.2.14, and 3.3.x before 3.3.4 allows remote attackers to execute arbitrary SQL commands via vectors related to a ticket search URL.
Scope: local
bullseye: resolved (fixed in 3.3.4-1)
debian
CVE-2020-1773P3HIGHCVSS 7.3fixed in otrs2 6.0.27-1 (bullseye)2020
CVE-2020-1773 [HIGH] CVE-2020-1773: otrs2 - An attacker with the ability to generate session IDs or password reset tokens, e...
An attacker with the ability to generate session IDs or password reset tokens, either by being able to authenticate or by exploiting OSA-2020-09, may be able to predict other users session IDs, password reset tokens and automatically generated passwords. This issue affects ((OTRS)) Community Edition: 5.0.41 and prior versions, 6.0.26 and prior versions. OTRS; 7.0.15 and
debian
1 / 6Next →