← back
CVE-2016-5843

CVE-2016-5843

EPSS 3.2%
Multiple SQL injection vulnerabilities in the FAQ package 2.x before 2.3.6, 4.x before 4.0.5, and 5.x before 5.0.5 in Open Ticket Request System (OTRS) allow remote attackers to execute arbitrary SQL commands via crafted search parameters.
Affected products
n/a · n/a

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://github.com/OTRS/FAQ/commit/3700f75c67f6ed1d39bc213445c6d12a458e1af9https://github.com/OTRS/FAQ/commit/8c9d63bd0297adda760330805c31afc130861557https://github.com/OTRS/FAQ/commit/b805703e7b7725d1f3040bb626a4c4dd845ee9e3https://www.otrs.com/security-advisory-2016-01-security-update-otrs-faq-package/http://www.securityfocus.com/bid/93019