((OTRS)) Community Edition — Vulnerabilities & Security Advisories (20)

All 20 CVE vulnerabilities found in ((OTRS)) Community Edition, with AI-generated Chinese analysis, references, and POCs.

Vendor: OTRS AG

| CVE ID | Title | CWE | CVSS | Severity | Published |
|---|---|---|---|---|---|
| CVE-2021-36096 | Support Bundle includes S/Mime and PGP secret or PIN | CWE-200 | 5.2 | Medium | 2021-09-06 |
| CVE-2021-36095 | User enumeration issue using "lost password" feature | CWE-200 | 5.3 | Medium | 2021-09-06 |
| CVE-2021-36094 | XSS attack in appointment edit popup screen | CWE-79 | 5.7 | Medium | 2021-09-06 |
| CVE-2021-36093 | DoS attack using PostMaster filters | CWE-185 | 5.3 | Medium | 2021-09-06 |
| CVE-2021-36092 | XSS attack using special link in email | CWE-79 | 6.5 | Medium | 2021-07-26 |
| CVE-2021-36091 | Unauthorized access to the calendar appointments | CWE-200 | 3.5 | Low | 2021-07-26 |
| CVE-2021-21443 | Unauthorized listing of the customer user emails | CWE-200 | 3.5 | Low | 2021-07-26 |
| CVE-2021-21440 | Support Bundle includes S/Mime and PGP keys | CWE-200 | 5.2 | Medium | 2021-07-26 |
| CVE-2021-21441 | XSS in the ticket overview screens | CWE-79 | 7.5 | High | 2021-06-16 |
| CVE-2021-21439 | Possible DoS attack using a special crafted URL in email body | CWE-754 | 6.5 | Medium | 2021-06-14 |
| CVE-2020-1776 | Invalidating or changing user does not invalidate session | CWE-613 | 3.5 | Low | 2020-07-20 |
| CVE-2020-1774 | Information disclosure | CWE-201 | 4.5 | Medium | 2020-04-28 |
| CVE-2020-1773 | Session / Password / Password token leak | CWE-331 | 7.3 | High | 2020-03-27 |
| CVE-2020-1772 | Information Disclosure | CWE-155 | 6.5 | Medium | 2020-03-27 |
| CVE-2020-1771 | Possible XSS in Customer user address book | CWE-79 | 4.6 | Medium | 2020-03-27 |
| CVE-2020-1770 | Information disclosure in support bundle files | CWE-201 | 2.4 | Low | 2020-03-27 |
| CVE-2020-1769 | Autocomplete in the form login screens | CWE-16 | 3.5 | Low | 2020-03-27 |
| CVE-2020-1767 | Possible to send drafted messages as wrong agent | | 3.5 | Low | 2020-01-10 |
| CVE-2020-1766 | Improper handling of uploaded inline images | CWE-79 | 2.0 | Low | 2020-01-10 |
| CVE-2020-1765 | Spoofing of From field in several screens | CWE-472 | 3.5 | Low | 2020-01-10 |