Download
| Alert*
oval:org.secpod.oval:def:603216
Two vulnerabilities were discovered in the Open Ticket Request System which could result in information disclosure or the execution of arbitrary shell commands by logged-in agents. oval:org.secpod.oval:def:53212 Two vulnerabilities were discovered in the Open Ticket Request System which could result in information disclosure or the execution of arbitrary shell commands by logged-in agents. oval:org.secpod.oval:def:1900281 In OTRS 6.0.x up to and including 6.0.1, OTRS 5.0.x up to and including5.0.24, and OTRS 4.0.x up to and including 4.0.26, an attacker who is logged into OTRS as an agent can manipulate form parameters and execute arbitrary shell commands with the permissions of the OTRS or web server user. |