Otrs Ag Otrs vulnerabilities
66 known vulnerabilities affecting otrs_ag/otrs.
Total CVEs: 66
CISA KEV: 0
Public exploits: 0
Exploited in wild: 0
Severity breakdown: CRITICAL 3, HIGH 13, MEDIUM 48, LOW 2
Vulnerabilities
Page 2 of 4
CVE-2023-38060 | HIGH | CVSS 8.8 | CWE-20 | ≥ 7.0.x, < 7.0.45; ≥ 8.0.x, < 8.0.35 | 2023-07-24
Improper Input Validation vulnerability in the ContentType parameter for attachments on TicketCreate or TicketUpdate operations of the OTRS Generic Interface modules allows any authenticated attacker to perform a host header injection for the ContentType header of the attachment.
This issue affects OTRS: from 7.0.X before 7.0.45, from 8.0.X befor
Sources: cvelistv5, nvd
CVE-2023-38056 | HIGH | CVSS 7.2 | CWE-78 | ≥ 7.0.x, < 7.0.45; ≥ 8.0.x, < 8.0.35 | 2023-07-24
Improper Neutralization of commands allowed to be executed via OTRS System Configuration (e.g. SchedulerCronTaskModule using UnitTests modules) allows any authenticated attacker with admin privileges local execution of code. This issue affects OTRS: from 7.0.X before 7.0.45, from 8.0.X before 8.0.35; ((OTRS)) Community Edition: from 6.0.1 through 6.0.34.
Sources: cvelistv5, nvd
CVE-2023-38058 | MEDIUM | CVSS 4.3 | CWE-269 | ≥ 8.0.x, < 8.0.35 | 2023-07-24
An improper privilege check in the OTRS ticket move action in the agent interface allows any attacker authenticated as an agent to move a ticket without the needed permission.
This issue affects OTRS: from 8.0.X before 8.0.35.
Sources: cvelistv5, nvd
CVE-2023-38057 | MEDIUM | CVSS 5.4 | CWE-20 | ≥ 7.0.x, < 7.0.32; ≥ 8.0.x, < 8.0.13 | 2023-07-24
An improper input validation vulnerability in OTRS Survey modules allows any attacker with a link to a valid and unanswered survey request to inject JavaScript code in free text answers. This allows a cross-site scripting attack while the replies are read by an authenticated agent.
This issue affects OTRS Survey module from 7.0.X before 7.0.32, from 8.0.
Sources: cvelistv5, nvd
CVE-2023-2534 | HIGH | CVSS 8.1 | CWE-285 | ≥ 8.0.x, < 8.0.32 | 2023-05-08
Improper Authorization vulnerability in OTRS AG OTRS 8 (Websocket API backend) allows any attacker authenticated as an agent to track user behaviour and to gain live insight into overall system usage. User IDs can easily be correlated with real names, e.g. via ticket histories, by any user. (Fuzzing for garnering other adjacent user/sensitive data). Subscri
Sources: cvelistv5, nvd
CVE-2023-1250 | HIGH | CVSS 7.8 | CWE-20 | ≥ 7.0.x, < 7.0.42; ≥ 8.0.x, < 8.0.31 | 2023-03-20
Improper Input Validation vulnerability in OTRS AG OTRS (ACL modules), OTRS AG ((OTRS)) Community Edition (ACL modules) allows Local Execution of Code. When creating/importing an ACL it was possible to inject code that gets executed via manipulated comments and ACL names.
This issue affects OTRS: from 7.0.X before 7.0.42, from 8.0.X before 8.0.31; ((OTRS)
Sources: cvelistv5, nvd
CVE-2023-1248 | MEDIUM | CVSS 6.1 | CWE-79 | ≥ 7.0.x, < 7.0.42 | 2023-03-20
Improper Input Validation vulnerability in OTRS AG OTRS (Ticket Actions modules), OTRS AG ((OTRS)) Community Edition (Ticket Actions modules) allows Cross-Site Scripting (XSS). This issue affects OTRS: from 7.0.X before 7.0.42; ((OTRS)) Community Edition: from 6.0.1 through 6.0.34.
Sources: cvelistv5, nvd
CVE-2022-4427 | CRITICAL | CVSS 9.8 | CWE-20 | ≥ 7.0.1, < 7.0.40 Patch 1; ≥ 8.0.1, < 8.0.28 Patch 1 | 2022-12-19
Improper Input Validation vulnerability in OTRS AG OTRS, OTRS AG ((OTRS)) Community Edition allows SQL Injection via the TicketSearch Webservice.
This issue affects OTRS: from 7.0.1 before 7.0.40 Patch 1, from 8.0.1 before 8.0.28 Patch 1; ((OTRS)) Community Edition: from 6.0.1 through 6.0.34.
Sources: cvelistv5, nvd
CVE-2022-39052 | MEDIUM | CVSS 6.5 | CWE-835 | ≥ 7.0.x, ≤ 7.0.39; ≥ 8.0.x, ≤ 8.0.26 | 2022-10-17
An external attacker is able to send a specially crafted email (with many recipients) and trigger a potential DoS of the system.
Sources: cvelistv5, nvd
CVE-2022-39051 | HIGH | CVSS 8.8 | CWE-913 | v7.0.x 7.0.36; v8.0.x 8.0.24 | 2022-09-05
An attacker might be able to execute malicious Perl code in the Template Toolkit by having the admin install an unverified third-party package.
Sources: cvelistv5, nvd
CVE-2022-39049 | MEDIUM | CVSS 4.8 | CWE-79 | ≥ 7.0.x, ≤ 7.0.36; ≥ 8.0.x, ≤ 8.0.24 | 2022-09-05
An attacker who is logged into OTRS as an admin user may manipulate the URL to cause execution of JavaScript in the context of OTRS.
Sources: cvelistv5, nvd
CVE-2022-39050 | MEDIUM | CVSS 4.8 | CWE-79 | ≥ 7.0.x, ≤ 7.0.36; ≥ 8.0.x, ≤ 8.0.24 | 2022-09-05
An attacker who is logged into OTRS as an admin user may manipulate the customer URL field to store JavaScript code to be run later by any other agent when clicking the customer URL link. The stored JavaScript is then executed in the context of OTRS. The same issue applies to the usage of external data sources, e.g. a database or LDAP.
Sources: cvelistv5, nvd
CVE-2022-32740 | MEDIUM | CVSS 5.3 | CWE-200 | ≥ 7.0.x, ≤ 7.0.34; ≥ 8.0.x, ≤ 8.0.22 | 2022-06-13
A reply to a forwarded email article by a 3rd party could unintentionally expose the email content to the ticket customer under certain circumstances.
Sources: cvelistv5, nvd
CVE-2022-32739 | MEDIUM | CVSS 5.3 | CWE-200 | ≥ 7.0.x, ≤ 7.0.34; ≥ 8.0.x, ≤ 8.0.22 | 2022-06-13
When the Secure::DisableBanner system configuration has been disabled and an agent shares their calendar via a public URL, the received ICS file contains the OTRS release number.
Sources: cvelistv5, nvd
CVE-2022-32741 | MEDIUM | CVSS 5.3 | CWE-200 | ≥ 7.0.x, ≤ 7.0.34; ≥ 8.0.x, ≤ 8.0.22 | 2022-06-13
An attacker is able to determine whether a provided username exists (and is valid) using the Request New Password feature, based on the response time.
Sources: cvelistv5, nvd
CVE-2021-36100 | HIGH | CVSS 8.8 | CWE-78 | ≥ 8.0.x, ≤ 8.0.19; ≥ 7.0.x, ≤ 7.0.32 | 2022-03-21
A specially crafted string in the OTRS system configuration can allow the execution of any system command.
Sources: cvelistv5, nvd
CVE-2022-0475 | MEDIUM | CVSS 5.4 | CWE-79 | ≥ 7.0.x, ≤ 7.0.32; ≥ 8.0.x, ≤ 8.0.19 | 2022-03-21
A malicious translator is able to inject JavaScript code in a few translatable strings (where HTML is allowed). The code could be executed in the Package Manager. This issue affects: OTRS AG OTRS 7.0.x version: 7.0.32 and prior versions, 8.0.x version: 8.0.19 and prior versions.
Sources: cvelistv5, nvd
CVE-2022-1004 | MEDIUM | CVSS 4.3 | CWE-200 | ≥ 7.0.x, ≤ 7.0.32; ≥ 8.0.x, ≤ 8.0.19 | 2022-03-21
Accounted time is shown in the Ticket Detail View (External Interface), even if ExternalFrontend::TicketDetailView###AccountedTimeDisplay is disabled.
Sources: cvelistv5, nvd
CVE-2022-0473 | MEDIUM | CVSS 4.8 | CWE-79 | ≥ 7.0.x, ≤ 7.0.31 | 2022-02-07
OTRS administrators can configure a dynamic field and inject malicious JavaScript code in the error message of the regular expression check. When used in the agent interface, the malicious code might be executed in the browser. This issue affects: OTRS AG OTRS 7.0.x version: 7.0.31 and prior versions.
Sources: cvelistv5, nvd
CVE-2021-36097 | MEDIUM | CVSS 4.3 | CWE-266 | ≥ 8.0.x, ≤ 8.0.16 | 2021-10-18
Agents are able to lock a ticket without the "Owner" permission. Once the ticket is locked, it could be moved to a queue where the agent has "rw" permissions, gaining full control. This issue affects: OTRS AG OTRS 8.0.x version: 8.0.16 and prior versions.
Sources: cvelistv5, nvd