Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Unsafe handling of AJAX calls
Vulnerability Description
A vulnerability in the OTRS Admin Interface and Agent Interface (versions before OTRS 8) allow parameter injection due to for an autheniticated agent or admin user. This issue affects: * OTRS 7.0.X * OTRS 8.0.X * OTRS 2023.X * OTRS 2024.X * OTRS 2025.X * ((OTRS)) Community Edition: 6.0.x Products based on the ((OTRS)) Community Edition also very likely to be affected
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:L
Vulnerability Type
不完整的黑名单
Vulnerability Title
OTRS 安全漏洞
Vulnerability Description
OTRS是德国OTRS公司的一个服务管理解决方案。 OTRS存在安全漏洞,该漏洞源于参数注入。以下产品及版本受到影响:OTRS 7.0.X版本、8.0.X版本、2023.X版本、2024.X版本、2025.X版本和OTRS Community Edition 6.0.x版本。
CVSS Information
N/A
Vulnerability Type
N/A