OTRS AG OTRS vulnerabilities
75 known vulnerabilities affecting otrs_ag/otrs.
Total CVEs: 75
CISA KEV: 0
Public exploits: 0
Exploited in wild: 0
Severity breakdown: CRITICAL 4, HIGH 14, MEDIUM 53, LOW 4
Vulnerabilities
Page 1 of 4
CVE-2026-48188 | P2 | CRITICAL | CVSS 9.1 | CWE-20 | affects: v7.0.x, v8.0.x, +4 more | 2026-06-01
An improper Input Validation vulnerability in OTRS or ((OTRS)) Community Edition database layer module allows an unauthenticated SQL injection which can lead to an authentication bypass. This issue only affects the system if the MySQL/MariaDB server is configured with the NO_BACKSLASH_ESCAPES SQL mode.
This issue affects OTRS:
* 7.0.X
* 8.0.X
* 2
nvd
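The NO_BACKSLASH_ESCAPES condition in CVE-2026-48188 is worth seeing concretely, because it is a general property of MySQL/MariaDB and not specific to OTRS. The following is an added illustration, not OTRS code, and it does not reproduce the OTRS database-layer bug (whose details this listing does not give). It models how MySQL lexes single-quoted string literals in the default mode and under NO_BACKSLASH_ESCAPES, then shows that backslash-based escaping leaks under NO_BACKSLASH_ESCAPES while quote-doubling leaks in the default mode, which is why bind parameters are the mode-independent fix. The `users`/`login` query shape and the attacker payloads are constructed for the demo.

```python
"""Model of MySQL string-literal lexing in both sql_mode settings (added example)."""


def escape_with_backslash(value: str) -> str:
    """mysql_real_escape_string-style escaping: prefix ' and \\ with a backslash."""
    return value.replace("\\", "\\\\").replace("'", "\\'")


def escape_by_doubling(value: str) -> str:
    """SQL-standard quoting: the only special character inside '...' is ' itself."""
    return value.replace("'", "''")


def lex(sql: str, no_backslash_escapes: bool):
    """Split `sql` into ('code'|'lit'|'comment', text) pieces.

    Inside a single-quoted literal, '' is always one quote. A backslash escapes
    the next character only when NO_BACKSLASH_ESCAPES is off. Outside literals,
    '-- ' and '#' start a comment that runs to the end of the line.
    """
    pieces, buf, i, n = [], [], 0, len(sql)

    def flush(kind):
        if buf:
            pieces.append((kind, "".join(buf)))
            buf.clear()

    while i < n:
        c = sql[i]
        if c == "#" or sql.startswith("-- ", i) or sql[i:] == "--":
            flush("code")
            end = sql.find("\n", i)
            end = n if end == -1 else end
            pieces.append(("comment", sql[i:end]))
            i = end
            continue
        if c != "'":
            buf.append(c)
            i += 1
            continue
        flush("code")
        i += 1  # consume the opening quote
        while True:
            if i >= n:
                raise ValueError("unterminated string literal")
            c = sql[i]
            if c == "\\" and not no_backslash_escapes and i + 1 < n:
                buf.append(sql[i + 1])  # \x -> x; enough for finding literal boundaries
                i += 2
            elif c == "'" and i + 1 < n and sql[i + 1] == "'":
                buf.append("'")
                i += 2
            elif c == "'":
                i += 1
                break
            else:
                buf.append(c)
                i += 1
        pieces.append(("lit", "".join(buf)))
        buf.clear()
    flush("code")
    return pieces


def login_query(login: str, escaper) -> str:
    """Shape of a lookup that string-builds its WHERE clause (the vulnerable pattern)."""
    return "SELECT id FROM users WHERE login = '" + escaper(login) + "'"


PAYLOADS = ["' OR 1=1 -- ", "\\' OR 1=1 -- "]  # constructed attacker inputs


def injected(sql: str, no_backslash_escapes: bool) -> bool:
    """True when attacker text ends up outside every string literal."""
    code = "".join(t for k, t in lex(sql, no_backslash_escapes) if k == "code")
    return "OR 1=1" in code


def audit() -> dict:
    """Which (escaper, sql_mode) combinations let at least one payload through."""
    result = {}
    for name, esc in (("backslash", escape_with_backslash), ("doubling", escape_by_doubling)):
        for mode, flag in (("default", False), ("NO_BACKSLASH_ESCAPES", True)):
            result[(name, mode)] = any(injected(login_query(p, esc), flag) for p in PAYLOADS)
    return result


def has_no_backslash_escapes(sql_mode: str) -> bool:
    """Check the value returned by `SELECT @@GLOBAL.sql_mode` for the dangerous flag."""
    return "NO_BACKSLASH_ESCAPES" in {m.strip().upper() for m in sql_mode.split(",")}


if __name__ == "__main__":
    for (name, mode), bad in sorted(audit().items()):
        print(f"{name:10s} {mode:22s} {'INJECTED' if bad else 'safe'}")
```

Run it and each escaping strategy fails in exactly one mode: backslash escaping under NO_BACKSLASH_ESCAPES, quote doubling under the default mode. An application that escapes one way and is deployed against a server whose `sql_mode` was set the other way is therefore injectable without any bug in the escaping routine itself. Checking `SELECT @@GLOBAL.sql_mode` on the OTRS database server is the quick way to confirm whether the precondition named in the advisory holds.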
CVE-2024-23790 | P3 | CRITICAL | CVSS 9.8 | CWE-20 | affects: ≥ 8.0.x, ≤ 8.0.37; ≥ 2023, ≤ 2023.1.1; +1 more | 2024-01-29
Improper Input Validation vulnerability in the upload functionality for user avatars allows functionality misuse due to a missing check of file types.
This issue affects OTRS: from 7.0.X through 7.0.48, from 8.0.X through 8.0.37, from 2023 through 2023.1.1.
nvd
CVE-2021-36100 | P3 | HIGH | CVSS 8.8 | CWE-78 | affects: ≥ 8.0.x, ≤ 8.0.19; ≥ 7.0.x, ≤ 7.0.32 | 2022-03-21
Specially crafted string in OTRS system configuration can allow the execution of any system command.
nvd
CVE-2022-4427 | P3 | CRITICAL | CVSS 9.8 | CWE-20 | affects: ≥ 7.0.1, < 7.0.40 Patch 1; ≥ 8.0.1, < 8.0.28 Patch 1 | 2022-12-19
Improper Input Validation vulnerability in OTRS AG OTRS, OTRS AG ((OTRS)) Community Edition allows SQL Injection via the TicketSearch Webservice.
This issue affects OTRS: from 7.0.1 before 7.0.40 Patch 1, from 8.0.1 before 8.0.28 Patch 1; ((OTRS)) Community Edition: from 6.0.1 through 6.0.34.
nvd
CVE-2023-38060 | P3 | HIGH | CVSS 8.8 | CWE-20 | affects: ≥ 7.0.x, < 7.0.45; ≥ 8.0.x, < 8.0.35 | 2023-07-24
Improper Input Validation vulnerability in the ContentType parameter for attachments on TicketCreate or TicketUpdate operations of the OTRS Generic Interface modules allows any authenticated attacker to perform a host header injection for the ContentType header of the attachment.
This issue affects OTRS: from 7.0.X before 7.0.45, from 8.0.X befor
nvd
CVE-2023-5422 | P3 | CRITICAL | CVSS 9.1 | CWE-295 | affects: ≥ 7.0.x, < 7.0.47; ≥ 8.0.x, < 8.0.37 | 2023-10-16
The functions to fetch e-mail via POP3 or IMAP as well as sending e-mail via SMTP use OpenSSL for static SSL or TLS based communication. As the SSL_get_verify_result() function is not used, the certificate is always trusted and it cannot be ensured that the certificate satisfies all necessary security requirements.
This could allow an attacker to
nvd
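The defect in CVE-2023-5422 is a missing verification step after the handshake, so the relevant check is a configuration audit rather than a network test. The following is an added example, not OTRS code (OTRS is Perl; this uses Python's `ssl` module to make the settings explicit): `verify_mode=CERT_NONE` is the equivalent of never consulting SSL_get_verify_result(), and the audit function lists what a mail client context is missing. The host names are placeholders and the connection function is not exercised offline.

```python
"""Verified vs. unverified TLS contexts for IMAP/POP3/SMTP clients (added example)."""
import imaplib
import smtplib
import ssl
from typing import List, Optional


def mail_tls_context(cafile: Optional[str] = None) -> ssl.SSLContext:
    """Context that verifies the chain and the host name (the secure configuration)."""
    ctx = ssl.create_default_context(cafile=cafile)  # CERT_REQUIRED + check_hostname
    ctx.minimum_version = ssl.TLSVersion.TLSv1_2
    return ctx


def unverified_context() -> ssl.SSLContext:
    """'Trust every certificate': what the advisory describes, spelled out explicitly."""
    ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_CLIENT)
    ctx.check_hostname = False
    ctx.verify_mode = ssl.CERT_NONE
    return ctx


def verification_problems(ctx: ssl.SSLContext) -> List[str]:
    """Audit a context the way a reviewer would audit the OpenSSL verify calls."""
    problems = []
    if ctx.verify_mode != ssl.CERT_REQUIRED:
        problems.append("verify_mode is not CERT_REQUIRED: the chain is never checked")
    if not ctx.check_hostname:
        problems.append("check_hostname is off: a valid cert for any name is accepted")
    if ctx.minimum_version < ssl.TLSVersion.TLSv1_2:
        problems.append("minimum_version allows TLS < 1.2")
    return problems


def fetch_and_send(ctx: ssl.SSLContext) -> None:
    """Where the context is applied (placeholder hosts; needs a network to run)."""
    imap = imaplib.IMAP4_SSL("imap.example.invalid", 993, ssl_context=ctx)
    imap.logout()
    with smtplib.SMTP("smtp.example.invalid", 587) as smtp:
        smtp.starttls(context=ctx)  # with a verifying ctx, a bad cert fails right here


if __name__ == "__main__":
    for label, c in (("hardened", mail_tls_context()), ("unverified", unverified_context())):
        print(label, verification_problems(c) or "ok")
```

In OpenSSL terms the hardened context corresponds to SSL_VERIFY_PEER (which aborts the handshake on a failed chain) plus a host-name check; code that sets no verify mode must at least call SSL_get_verify_result() and compare against X509_V_OK, which is the step the advisory says was absent.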
CVE-2024-43444 | P3 | HIGH | CVSS 8.2 | CWE-532 | affects: ≥ 7.0.x, ≤ 7.0.50; v8.0.x; +2 more | 2024-08-26
Passwords of agents and customers are displayed in plain text in the OTRS admin log module if certain configurations regarding the authentication sources match and debugging for the authentication backend has been enabled.
This issue affects:
* OTRS from 7.0.X through 7.0.50
* OTRS 8.0.X
* OTRS 2023.X
* OTRS from 2024.X through 2024.5.X
* ((OTRS)) C
nvd
CVE-2023-2534 | P3 | HIGH | CVSS 8.1 | CWE-285 | affects: ≥ 8.0.x, < 8.0.32 | 2023-05-08
Improper Authorization vulnerability in OTRS AG OTRS 8 (Websocket API backend) allows any attacker authenticated as an Agent to track user behaviour and to gain live insight into overall system usage. User IDs can easily be correlated with real names, e.g. via ticket histories, by any user. (Fuzzing for garnering other adjacent user/sensitive data). Subscri
nvd
CVE-2024-23794 | P3 | HIGH | CVSS 7.5 | CWE-266 | affects: v8.0.x; v2023.x; +1 more | 2024-07-15
An incorrect privilege assignment vulnerability in the inline editing functionality of OTRS can lead to privilege escalation. This flaw allows an agent with read-only permissions to gain full access to a ticket. This issue arises in very rare instances when an admin has previously enabled the setting 'RequiredLock' of 'AgentFrontend::Ticket::InlineEdi
nvd
CVE-2020-1773 | P3 | HIGH | CVSS 8.1 | CWE-331 | affects: v7.0.15 and prior | 2020-03-27
An attacker with the ability to generate session IDs or password reset tokens, either by being able to authenticate or by exploiting OSA-2020-09, may be able to predict other users session IDs, password reset tokens and automatically generated passwords. This issue affects ((OTRS)) Community Edition: 5.0.41 and prior versions, 6.0.26 and prior versions.
nvd
CVE-2020-1772 | P3 | HIGH | CVSS 7.5 | CWE-155 | affects: ≥ 7.0.x, ≤ 7.0.15 | 2020-03-27
It is possible to craft Lost Password requests with wildcards in the Token value, which allows an attacker to retrieve valid Token(s) generated by users who already requested new passwords. This issue affects: ((OTRS)) Community Edition 5.0.41 and prior versions, 6.0.26 and prior versions. OTRS: 7.0.15 and prior versions.
nvd
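CVE-2020-1772 describes wildcards in a token value matching other users' tokens. The classic way that happens is a lookup that compares the submitted token with LIKE (where `%` and `_` are pattern characters) instead of an exact comparison; bind parameters do not help, because the wildcard semantics live in the pattern itself. The following is an added example, not OTRS code and not its schema: it builds an in-memory SQLite table with two constructed reset tokens and shows the vulnerable and the fixed lookup side by side.

```python
"""LIKE-based token lookup vs. exact match (added example, constructed data)."""
import secrets
import sqlite3
from typing import List


def make_db() -> sqlite3.Connection:
    """In-memory table holding tokens two (constructed) users requested."""
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE reset_token (user_id INTEGER, token TEXT)")
    db.executemany(
        "INSERT INTO reset_token VALUES (?, ?)",
        [(1, secrets.token_hex(16)), (2, secrets.token_hex(16))],
    )
    return db


def lookup_like(db: sqlite3.Connection, submitted: str) -> List[int]:
    """Vulnerable: the parameter is bound safely, but LIKE still treats % and _
    as wildcards, so submitting '%' matches every stored token."""
    rows = db.execute(
        "SELECT user_id FROM reset_token WHERE token LIKE ?", (submitted,)
    )
    return [r[0] for r in rows]


def lookup_exact(db: sqlite3.Connection, submitted: str) -> List[int]:
    """Fixed: validate the token's shape, then compare with = rather than LIKE."""
    if len(submitted) != 32 or any(c not in "0123456789abcdef" for c in submitted):
        return []
    rows = db.execute(
        "SELECT user_id FROM reset_token WHERE token = ?", (submitted,)
    )
    return [r[0] for r in rows]


if __name__ == "__main__":
    db = make_db()
    print("LIKE with '%':", lookup_like(db, "%"))      # every user's token matches
    print("exact with '%':", lookup_exact(db, "%"))    # nothing
```

The shape check matters on its own: a 32-hex-character token cannot contain `%` or `_`, so even a code path that still used LIKE would no longer be reachable with a wildcard.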
CVE-2021-21441 | P3 | HIGH | CVSS 7.5 | CWE-79 | affects: ≥ 7.0.x, ≤ 7.0.26 | 2021-06-16
There is an XSS vulnerability in the ticket overview screens. It is possible to collect various information by having an e-mail shown in the overview screen. The attack can be performed by sending a specially crafted e-mail to the system and it does not require any user interaction. This issue affects: OTRS AG ((OTRS)) Community Edition 6.0.x version 6.0.1 and l
nvd
CVE-2023-6254 | P3 | HIGH | CVSS 7.5 | CWE-522 | affects: ≥ 8.0.x, ≤ 8.0.37 | 2023-11-27
A vulnerability in OTRS AgentInterface and ExternalInterface allows the reading of plain text passwords which are sent back to the client in the server response.
This issue affects OTRS: from 8.0.X through 8.0.37.
nvd
CVE-2023-38056 | P3 | HIGH | CVSS 7.2 | CWE-78 | affects: ≥ 7.0.x, < 7.0.45; ≥ 8.0.x, < 8.0.35 | 2023-07-24
Improper Neutralization of commands allowed to be executed via OTRS System Configuration, e.g. SchedulerCronTaskModule using UnitTests modules, allows any authenticated attacker with admin privileges local execution of code. This issue affects OTRS: from 7.0.X before 7.0.45, from 8.0.X before 8.0.35; ((OTRS)) Community Edition: from 6.0.1 through 6.0.34.
nvd
CVE-2022-39051 | P3 | HIGH | CVSS 8.8 | CWE-913 | affects: v7.0.x 7.0.36; v8.0.x 8.0.24 | 2022-09-05
An attacker might be able to execute malicious Perl code in the Template Toolkit by having the admin install an unverified third-party package.
nvd
CVE-2023-1250 | P3 | HIGH | CVSS 7.8 | CWE-20 | affects: ≥ 7.0.x, < 7.0.42; ≥ 8.0.x, < 8.0.31 | 2023-03-20
Improper Input Validation vulnerability in OTRS AG OTRS (ACL modules), OTRS AG ((OTRS)) Community Edition (ACL modules) allows Local Execution of Code. When creating/importing an ACL it was possible to inject code that gets executed via manipulated comments and ACL names.
This issue affects OTRS: from 7.0.X before 7.0.42, from 8.0.X before 8.0.31; ((OTRS)
nvd
CVE-2024-23791 | P3 | HIGH | CVSS 7.5 | CWE-532 | affects: ≥ 7.0.x, ≤ 7.0.48; ≥ 8.0.x, ≤ 8.0.37; +1 more | 2024-01-29
Insertion of debug information into the log file while building the Elasticsearch index allows reading of sensitive information from articles. This issue affects OTRS: from 7.0.X through 7.0.48, from 8.0.X through 8.0.37, from 2023.X through 2023.1.1.
nvd
CVE-2024-23793 | P3 | MEDIUM | CVSS 6.3 | CWE-22 | affects: ≥ 7.0.x, ≤ 7.0.49; v8.0.x; +2 more | 2024-06-06
The file upload feature in OTRS and ((OTRS)) Community Edition has a path traversal vulnerability. This issue permits authenticated agents or customer users to upload potentially harmful files to directories accessible by the web server, potentially leading to the execution of local code such as Perl scripts.
This issue affects OTRS: from 7.0.X through
nvd
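CVE-2024-23793 combines two failures: a client-supplied file name steering the write outside the upload directory, and the destination being a web-served tree where a `.pl` would be executed. The following is an added example, not OTRS code and not its upload handler; the allow-list and directory names are assumptions for the demo. It shows the three checks a hardened upload path needs: drop every directory component the client sent (on either separator style), allow-list the extension, and verify containment on the resolved path rather than on the raw string.

```python
"""Upload path hardening against traversal and web-root placement (added example)."""
import re
from pathlib import Path
from typing import Optional

ALLOWED_EXTENSIONS = {".pdf", ".png", ".jpg", ".txt"}  # assumed allow-list for the demo


def safe_upload_path(upload_root: str, user_filename: str,
                     web_root: Optional[str] = None) -> Path:
    """Return the path the upload may be written to, or raise ValueError.

    upload_root: directory uploads belong in (assumed outside any web-served tree).
    web_root:    optional directory the web server serves or executes from; a
                 target under it is refused even if it is also under upload_root.
    """
    # 1. Discard any directory part the client sent, splitting on / and \.
    name = re.split(r"[\\/]", user_filename)[-1]
    if name in ("", ".", "..") or "\x00" in name:
        raise ValueError("empty or reserved file name")
    # 2. Allow-list the extension: a client-chosen .pl/.cgi is the code-execution vector.
    if Path(name).suffix.lower() not in ALLOWED_EXTENSIONS:
        raise ValueError(f"extension not allowed: {name!r}")
    # 3. Resolve first, then check containment; never compare raw strings.
    root = Path(upload_root).resolve()
    target = (root / name).resolve()
    if root not in target.parents:
        raise ValueError("path escapes upload root")
    if web_root is not None:
        web = Path(web_root).resolve()
        if target == web or web in target.parents:
            raise ValueError("target is inside the web-served tree")
    return target


def is_safe_upload(upload_root: str, user_filename: str,
                   web_root: Optional[str] = None) -> bool:
    """Boolean form of the same check for callers that do not want the exception."""
    try:
        safe_upload_path(upload_root, user_filename, web_root)
        return True
    except ValueError:
        return False


if __name__ == "__main__":
    for candidate in ("../../var/www/cgi-bin/shell.pl", "..\\..\\report.png", "notes.txt"):
        print(f"{candidate!r:40s} -> {is_safe_upload('/tmp/uploads', candidate)}")
```

The order of the checks is deliberate: the extension test runs on the already-stripped base name, so `x.png/../shell.pl` cannot smuggle an allowed suffix past it, and the containment test runs on `resolve()` output, so symlinks inside the upload root cannot redirect the write either.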
CVE-2025-24390 | P3 | MEDIUM | CVSS 6.8 | CWE-614 | affects: v7.0.x; v8.0.x; +2 more | 2025-01-27
A vulnerability in OTRS Application Server and reverse proxy settings allows session hijacking due to missing attributes for sensitive cookie settings in HTTPS sessions.
This issue affects:
* OTRS 7.0.X
* OTRS 8.0.X
* OTRS 2023.X
* OTRS 2024.X
nvd
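CVE-2025-24390 (CWE-614) is a session cookie issued without the attributes that keep it on the HTTPS channel and away from script. The reverse-proxy angle in the advisory matters in practice: an application behind a TLS-terminating proxy sees plain HTTP and may therefore omit `Secure`, so the audit has to be run on the headers the proxy actually emits. The following is an added example, not OTRS code and not its real cookie names or values; the two `Set-Cookie` lines are constructed to show a weak and a hardened variant of the same session cookie.

```python
"""Set-Cookie attribute audit for session cookies (added example, constructed headers)."""
from typing import Dict, List


def parse_set_cookie(header: str) -> Dict[str, str]:
    """Return {'name': ..., 'value': ..., '<attr>': '<val>'} with attribute keys lower-cased."""
    parts = [p.strip() for p in header.split(";")]
    name, _, value = parts[0].partition("=")
    out = {"name": name.strip(), "value": value}
    for attr in parts[1:]:
        k, _, v = attr.partition("=")
        out[k.strip().lower()] = v.strip()
    return out


def cookie_findings(header: str, https: bool = True) -> List[str]:
    """List the protections a session cookie is missing for an HTTPS deployment."""
    c = parse_set_cookie(header)
    findings = []
    if https and "secure" not in c:
        findings.append("missing Secure: the cookie is also sent over plain HTTP")
    if "httponly" not in c:
        findings.append("missing HttpOnly: readable from script, e.g. via an XSS")
    if c.get("samesite", "").lower() not in ("lax", "strict"):
        findings.append("SameSite absent or None: sent along with cross-site requests")
    if c["name"].startswith("__Host-") and (
        "domain" in c or c.get("path") != "/" or "secure" not in c
    ):
        findings.append("__Host- prefix requires Secure, Path=/ and no Domain")
    return findings


# constructed sample headers; the name and value are placeholders
WEAK = "SessionID=3f1c2d; Path=/otrs/"
HARDENED = "SessionID=3f1c2d; Path=/otrs/; Secure; HttpOnly; SameSite=Lax"

if __name__ == "__main__":
    for label, h in (("weak", WEAK), ("hardened", HARDENED)):
        print(label, cookie_findings(h) or "ok")
```

When the application cannot be made aware that it is behind TLS, the flags can be added at the proxy instead (nginx: `proxy_cookie_flags ~ secure httponly samesite=lax;`); the audit above should then be pointed at the proxy's responses, not the backend's.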
CVE-2024-23792 | P3 | MEDIUM | CVSS 6.5 | CWE-287 | affects: ≥ 7.0.x, ≤ 7.0.48; ≥ 8.0.x, ≤ 8.0.37; +1 more | 2024-01-29
When adding attachments to ticket comments, another user can add attachments as well, impersonating the original user. The attack requires a logged-in other user to know the UUID. While the legitimate user completes the comment, the malicious user can add more files to the comment.
This issue affects OTRS: from 7.0.X through 7.0.48, from 8.0.X through
nvd