The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a vigilance database and tools to fix them.

Computer vulnerabilities of OTRS Help Desk

OTRS Help Desk: information disclosure via Renamed Agent User
An attacker can bypass access restrictions to data via Renamed Agent User of OTRS Help Desk, in order to obtain sensitive information...
CVE-2020-1776, OSA-2020-13, VIGILANCE-VUL-32881
OTRS Help Desk: information disclosure via BCC Recipients List
An attacker can bypass access restrictions to data via BCC Recipients List of OTRS Help Desk, in order to obtain sensitive information...
CVE-2020-1775, OSA-2020-12, VIGILANCE-VUL-32459
OTRS Help Desk: private key disclosure
An attacker can bypass access restrictions to data in OTRS Help Desk, in order to obtain sensitive information...
CVE-2020-1774, DLA-2198-1, OSA-2020-11, VIGILANCE-VUL-32107
jQuery Core: Cross Site Scripting via HtmlPrefilter Regex
An attacker can trigger a Cross Site Scripting via HtmlPrefilter Regex of jQuery Core, in order to run JavaScript code in the context of the web site...
20200601, 20200602, 20200603, 20200604, 20200605, 6217392, 6253319, 6344075, CERTFR-2020-AVI-310, CERTFR-2020-AVI-335, cpujul2020, cpuoct2020, CVE-2020-11022, CVE-2020-11023, DRUPAL-SA-CORE-2020-002, DRUPAL-SA-CORE-2020-003, DSA-4693-1, FEDORA-2020-0b32a59b54, FEDORA-2020-11be4b36d4, FEDORA-2020-7dddce530c, FEDORA-2020-8a15713da2, FEDORA-2020-fbb94073a1, K02453220, K66544153, NPM-1518, openSUSE-SU-2020:1060-1, openSUSE-SU-2020:1106-1, OSA-2020-14, RHSA-2020:3936-01, VIGILANCE-VUL-32007
OTRS Help Desk: spoofing via Spoofed Draft Messages
An attacker can create spoofed data via Spoofed Draft Messages of OTRS Help Desk, because of jQuery (VIGILANCE-VUL-29030), in order to deceive the victim...
CVE-2019-11358, OSA-2020-05, VIGILANCE-VUL-31545
OTRS Help Desk: unexpired session via SessionMaxIdleTime Ignored
Background tasks are counted for SessionMaxIdleTime of OTRS Help Desk, so an attacker can ensure that his session will never expire...
CVE-2020-1768, VIGILANCE-VUL-31544
OTRS Help Desk: information disclosure via Drafted Messages Spoofing
An attacker can bypass access restrictions to data via Drafted Messages Spoofing of OTRS Help Desk, in order to obtain sensitive information...
CVE-2020-1767, DLA-2079-1, OSA-2020-03, VIGILANCE-VUL-31295
OTRS Help Desk: code execution via Uploaded Inline Images SVG Javascript
An attacker can use a vulnerability via Uploaded Inline Images SVG Javascript of OTRS Help Desk, in order to run code...
CVE-2020-1766, DLA-2079-1, openSUSE-SU-2020:0551-1, openSUSE-SU-2020:1475-1, OSA-2020-02, VIGILANCE-VUL-31294
OTRS Help Desk: information disclosure via From Field Spoofing
An attacker can bypass access restrictions to data via From Field Spoofing of OTRS Help Desk, in order to obtain sensitive information...
CVE-2020-1765, DLA-2079-1, openSUSE-SU-2020:0551-1, openSUSE-SU-2020:1475-1, OSA-2020-01, VIGILANCE-VUL-31293
OTRS Help Desk: infinite loop via Long Extensions Filenames
An attacker can trigger an infinite loop via Long Extensions Filenames of OTRS Help Desk, in order to trigger a denial of service...
CVE-2019-18180, openSUSE-SU-2020:0551-1, openSUSE-SU-2020:1475-1, OSA-2019-15, VIGILANCE-VUL-30885
Our database contains other pages. You can request a free trial to read them.

Display information about OTRS Help Desk: