OTRS AG — Vulnerabilities & Security Advisories (73)

Browse all 73 CVE security advisories affecting OTRS AG. AI-powered Chinese analysis, POCs, and references for each vulnerability.

| CVE ID | Title | Product | CWE | CVSS | Severity | Published |
|---|---|---|---|---|---|---|
| CVE-2022-39051 | Perl Code execution in Template Toolkit | OTRS | CWE-913 | 6.8 | Medium | 2022-09-05 |
| CVE-2022-39050 | Possible XSS stored in customer information | OTRS | CWE-79 | 4.6 | Medium | 2022-09-05 |
| CVE-2022-39049 | Possible XSS in Admin Interface | OTRS | CWE-79 | 3.5 | Low | 2022-09-05 |
| CVE-2022-32741 | Information disclosure in Request New Password feature | OTRS | CWE-200 | 5.3 | Medium | 2022-06-13 |
| CVE-2022-32740 | Information disclosure in the External Interface | OTRS | CWE-200 | 3.5 | Low | 2022-06-13 |
| CVE-2022-32739 | OTRS version number is always in the exported ICS files | OTRS | CWE-200 | 3.5 | Low | 2022-06-13 |
| CVE-2022-1004 | Information disclosure in the External Interface | OTRS | CWE-200 | 4.3 | Medium | 2022-03-21 |
| CVE-2022-0475 | Possible XSS attack via translation | OTRS | CWE-79 | 3.5 | Low | 2022-03-21 |
| CVE-2021-36100 | Authenticated remote code execution | OTRS | | 6.4 | Medium | 2022-03-21 |
| CVE-2022-0474 | Disclosure of mail addresses | OTRSCustomContactFields | CWE-200 | 2.4 | Low | 2022-02-07 |
| CVE-2022-0473 | Dynamic field error message is vulnerable to XSS | OTRS | CWE-79 | 3.8 | Low | 2022-02-07 |
| CVE-2021-36097 | Agents are able to lock the ticket without the "Owner" permission | OTRS | CWE-266 | 3.5 | Low | 2021-10-18 |
| CVE-2021-36096 | Support Bundle includes S/Mime and PGP secret or PIN | ((OTRS)) Community Edition | CWE-200 | 5.2 | Medium | 2021-09-06 |
| CVE-2021-36095 | User enumeration issue using "lost password" feature | ((OTRS)) Community Edition | CWE-200 | 5.3 | Medium | 2021-09-06 |
| CVE-2021-36094 | XSS attack in appointment edit popup screen | ((OTRS)) Community Edition | CWE-79 | 5.7 | Medium | 2021-09-06 |
| CVE-2021-36093 | DoS attack using PostMaster filters | ((OTRS)) Community Edition | CWE-185 | 5.3 | Medium | 2021-09-06 |
| CVE-2021-36092 | XSS attack using special link in email | ((OTRS)) Community Edition | CWE-79 | 6.5 | Medium | 2021-07-26 |
| CVE-2021-36091 | Unauthorized access to the calendar appointments | ((OTRS)) Community Edition | CWE-200 | 3.5 | Low | 2021-07-26 |
| CVE-2021-21443 | Unauthorized listing of the customer user emails | ((OTRS)) Community Edition | CWE-200 | 3.5 | Low | 2021-07-26 |
| CVE-2021-21442 | XSS vulnerability in Time Accounting | Time Accounting | CWE-79 | 4.5 | Medium | 2021-07-26 |
| CVE-2021-21440 | Support Bundle includes S/Mime and PGP keys | ((OTRS)) Community Edition | CWE-200 | 5.2 | Medium | 2021-07-26 |
| CVE-2021-21441 | XSS in the ticket overview screens | ((OTRS)) Community Edition | CWE-79 | 7.5 | High | 2021-06-16 |
| CVE-2021-21439 | Possible DoS attack using a special crafted URL in email body | ((OTRS)) Community Edition | CWE-754 | 6.5 | Medium | 2021-06-14 |
| CVE-2021-21438 | FAQ articles are shown to users without permission | FAQ | CWE-264 | 3.5 | Low | 2021-03-22 |
| CVE-2021-21437 | Config Items are shown to users without permission | OTRSCIsInCustomerFrontend | CWE-264 | 3.5 | Low | 2021-03-22 |
| CVE-2021-21436 | Agent is able to link customer's Config Items without permission | OTRSCIsInCustomerFrontend | CWE-264 | 3.5 | Low | 2021-02-08 |
| CVE-2021-21435 | Information exposure in PDF export | OTRS | CWE-200 | 5.7 | Medium | 2021-02-08 |
| CVE-2021-21434 | XSS in Survey Module | Survey | CWE-79 | 3.5 | Low | 2021-02-08 |
| CVE-2020-1779 | Dynamic templates reveal sensitive data when OTRS tags are used | OTRSTicketForms | CWE-200 | 4.3 | Medium | 2021-02-08 |
| CVE-2020-1778 | Bypassing user account validation | OTRS | CWE-287 | 4.1 | Medium | 2020-11-23 |

This page lists every published CVE security advisory associated with OTRS AG. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.