Debian otrs2 vulnerabilities
113 known vulnerabilities affecting debian/otrs2.
Total CVEs: 113
CISA KEV: 1 (actively exploited)
Public exploits: 9
Exploited in wild: 3
Severity breakdown: HIGH 11, MEDIUM 56, LOW 46
Vulnerabilities
Page 2 of 6
CVE-2020-1767 | LOW | CVSS 3.5 | fixed in otrs2 6.0.25-1 (bullseye) | 2020
otrs2 [LOW]: Agent A is able to save a draft (i.e. for customer reply). Then Agent B can open the draft, change the text completely and send it in the name of Agent A. For the customer it will not be visible that the message was sent by another agent. This issue affects: ((OTRS)) Community Edition 6.0.x version 6.0.24 and prior versions. OTRS 7.0.x version 7.0.13 and prior versions.
debian
CVE-2020-1768 | LOW | CVSS 5.4 | 2020
otrs2 [MEDIUM]: The external frontend system uses numerous background calls to the backend. Each background request is treated as user activity, so the SessionMaxIdleTime will not be reached. This issue affects: OTRS 7.0.x version 7.0.14 and prior versions.
Scope: local
bullseye: resolved
debian
CVE-2020-1778 | LOW | CVSS 4.1 | 2020
otrs2 [MEDIUM]: When OTRS uses multiple backends for user authentication (with LDAP), agents are able to log in even if the account is set to invalid. This issue affects OTRS 8.0.9 and prior versions.
Scope: local
bullseye: resolved
debian
CVE-2020-1765 | LOW | CVSS 3.5 | fixed in otrs2 6.0.25-1 (bullseye) | 2020
otrs2 [LOW]: An improper control of parameters allows the spoofing of the From fields of the following screens: AgentTicketCompose, AgentTicketForward, AgentTicketBounce and AgentTicketEmailOutbound. This issue affects: ((OTRS)) Community Edition 5.0.x version 5.0.39 and prior versions; 6.0.x version 6.0.24 and prior versions. OTRS 7.0.x version 7.0.13 and prior versions.
Scope: local
debian
CVE-2020-1775 | LOW | CVSS 3.5 | 2020
otrs2 [LOW]: BCC recipients in mails sent from OTRS are visible in the article detail on the external interface. This issue affects OTRS 8.0.3 and prior versions, 7.0.17 and prior versions.
Scope: local
bullseye: resolved
debian
CVE-2020-1770 | LOW | CVSS 2.4 | fixed in otrs2 6.0.27-1 (bullseye) | 2020
otrs2 [LOW]: Support bundle generated files could contain sensitive information that should not be disclosed. This issue affects: ((OTRS)) Community Edition 5.0.41 and prior versions, 6.0.26 and prior versions. OTRS 7.0.15 and prior versions.
Scope: local
bullseye: resolved (fixed in 6.0.27-1)
debian
CVE-2020-1777 | LOW | CVSS 4.3 | 2020
otrs2 [MEDIUM]: Agent names that participate in a chat conversation are revealed in certain parts of the external interface as well as in chat transcripts inside the tickets, when the system is configured to mask real agent names. This issue affects OTRS 7.0.21 and prior versions, 8.0.6 and prior versions.
Scope: local
bullseye: resolved
debian
CVE-2020-1776 | LOW | CVSS 3.5 | fixed in otrs2 6.0.29-1 (bullseye) | 2020
otrs2 [LOW]: When an agent user is renamed or set to invalid, the session belonging to the user is kept active. The session cannot be used to access ticket data in the case the agent is invalid. This issue affects ((OTRS)) Community Edition 6.0.28 and prior versions. OTRS 7.0.18 and prior versions, 8.0.4 and prior versions.
Scope: local
bullseye: resolved (fixed in 6.0.29-1)
debian
CVE-2020-1766 | LOW | CVSS 2.0 | fixed in otrs2 6.0.25-1 (bullseye) | 2020
otrs2 [LOW]: Due to improper handling of uploaded images it is possible, in very unlikely and rare conditions, to force the agent's browser to execute malicious JavaScript from a specially crafted SVG file rendered as an inline JPG file. This issue affects: ((OTRS)) Community Edition 5.0.x version 5.0.39 and prior versions; 6.0.x version 6.0.24 and prior versions. OTRS 7.0.x version 7.0.13 a
debian
CVE-2019-18179 | MEDIUM | CVSS 4.3 | fixed in otrs2 6.0.24-1 (bullseye) | 2019
otrs2 [MEDIUM]: An issue was discovered in Open Ticket Request System (OTRS) 7.0.x through 7.0.12, and Community Edition 5.0.x through 5.0.38 and 6.0.x through 6.0.23. An attacker who is logged into OTRS as an agent is able to list tickets assigned to other agents, even tickets in a queue where the attacker doesn't have permissions.
Scope: local
bullseye: resolved (fixed in 6.0.24-
debian
CVE-2019-9892 | MEDIUM | CVSS 6.5 | fixed in otrs2 6.0.18-1 (bullseye) | 2019
otrs2 [MEDIUM]: An issue was discovered in Open Ticket Request System (OTRS) 5.x through 5.0.34, 6.x through 6.0.17, and 7.x through 7.0.6. An attacker who is logged into OTRS as an agent user with appropriate permissions may try to import carefully crafted Report Statistics XML that will result in reading of arbitrary files on the OTRS filesystem.
Scope: local
bullseye: resolved (fi
debian
CVE-2019-16375 | MEDIUM | CVSS 5.4 | fixed in otrs2 6.0.23-1 (bullseye) | 2019
otrs2 [MEDIUM]: An issue was discovered in Open Ticket Request System (OTRS) 7.0.x through 7.0.11, and Community Edition 5.0.x through 5.0.37 and 6.0.x through 6.0.22. An attacker who is logged in as an agent or customer user with appropriate permissions can create a carefully crafted string containing malicious JavaScript code as an article body. This malicious code is executed wh
debian
CVE-2019-12746 | MEDIUM | CVSS 6.5 | fixed in otrs2 6.0.20-1 (bullseye) | 2019
otrs2 [MEDIUM]: An issue was discovered in Open Ticket Request System (OTRS) Community Edition 5.0.x through 5.0.36 and 6.0.x through 6.0.19. A user logged into OTRS as an agent might unknowingly disclose their session ID by sharing the link of an embedded ticket article with third parties. This identifier can then potentially be abused in order to impersonate the agent user.
Sc
debian
CVE-2019-11358 | MEDIUM | CVSS 6.1 | Exploited | PoC | fixed in mediawiki 1:1.31.2-1 (bookworm) | 2019
mediawiki [MEDIUM]: jQuery before 3.4.0, as used in Drupal, Backdrop CMS, and other products, mishandles jQuery.extend(true, {}, ...) because of Object.prototype pollution. If an unsanitized source object contained an enumerable __proto__ property, it could extend the native Object.prototype.
Scope: local
bookworm: resolved (fixed in 1:1.31.2-1)
bullseye: resolved (fixed in 1:1.31.
debian
CVE-2019-13458 | MEDIUM | CVSS 6.5 | fixed in otrs2 6.0.20-1 (bullseye) | 2019
otrs2 [MEDIUM]: An issue was discovered in Open Ticket Request System (OTRS) 7.0.x through 7.0.8, and Community Edition 5.0.x through 5.0.36 and 6.0.x through 6.0.19. An attacker who is logged into OTRS as an agent user with appropriate permissions can leverage OTRS notification tags in templates in order to disclose hashed user passwords.
Scope: local
bullseye: resolved (fixed in
debian
CVE-2019-12497 | MEDIUM | CVSS 5.3 | fixed in otrs2 6.0.19-1 (bullseye) | 2019
otrs2 [MEDIUM]: An issue was discovered in Open Ticket Request System (OTRS) 7.0.x through 7.0.8, Community Edition 6.0.x through 6.0.19, and Community Edition 5.0.x through 5.0.36. In the customer or external frontend, personal information of agents (e.g., name and mail address) can be disclosed in external notes.
Scope: local
bullseye: resolved (fixed in 6.0.19-1)
debian
CVE-2019-12248 | MEDIUM | CVSS 4.3 | fixed in otrs2 6.0.19-1 (bullseye) | 2019
otrs2 [MEDIUM]: An issue was discovered in Open Ticket Request System (OTRS) 7.0.x through 7.0.7, Community Edition 6.0.x through 6.0.19, and Community Edition 5.0.x through 5.0.36. An attacker could send a malicious email to an OTRS system. If a logged-in agent user quotes it, the email could cause the browser to load external image resources.
Scope: local
bullseye: resolved (fixe
debian
CVE-2019-10066 | MEDIUM | CVSS 5.4 | fixed in otrs2 6.0.18-1 (bullseye) | 2019
otrs2 [MEDIUM]: An issue was discovered in Open Ticket Request System (OTRS) 7.x through 7.0.6, Community Edition 6.0.x through 6.0.17, and OTRSAppointmentCalendar 5.0.x through 5.0.12. An attacker who is logged into OTRS as an agent with appropriate permissions may create a carefully crafted calendar appointment in order to cause execution of JavaScript in the context of OTRS.
Sco
debian
CVE-2019-10067 | MEDIUM | CVSS 5.4 | fixed in otrs2 6.0.18-1 (bullseye) | 2019
otrs2 [MEDIUM]: An issue was discovered in Open Ticket Request System (OTRS) 7.x through 7.0.6 and Community Edition 5.0.x through 5.0.35 and 6.0.x through 6.0.17. An attacker who is logged into OTRS as an agent user with appropriate permissions may manipulate the URL to cause execution of JavaScript in the context of OTRS.
Scope: local
bullseye: resolved (fixed in 6.0.18-1)
debian
CVE-2019-9751 | MEDIUM | CVSS 4.8 | fixed in otrs2 6.0.17-1 (bullseye) | 2019
otrs2 [MEDIUM]: An issue was discovered in Open Ticket Request System (OTRS) 6.x before 6.0.17 and 7.x before 7.0.5. An attacker who is logged into OTRS as an admin user may manipulate the URL to cause execution of JavaScript in the context of OTRS. This is related to Kernel/Output/Template/Document.pm.
Scope: local
bullseye: resolved (fixed in 6.0.17-1)
debian