CVE-2020-1779
Dynamic templates reveal sensitive data when OTRS tags are used
When dynamic templates are used (OTRSTicketForms), admin can use OTRS tags which are not masked properly and can reveal sensitive information. This issue affects: OTRS AG OTRSTicketForms 6.0.x version 6.0.40 and prior versions; 7.0.x version 7.0.29 and prior versions; 8.0.x version 8.0.3 and prior versions.
CVSS:3.1/AV:A/AC:L/PR:H/UI:R/S:U/C:H/I:N/A:N
Affected products
OTRS AG · OTRSTicketFormsWant to know if your infrastructure is exposed to this?
Talk to TrueHacking →