Exposure of otrs
Issue trackers18
exposure score
40
sites use
0
exploited
1
critical
CVEs
76 resultsCVE-2023-38056HIGHCode execution via System Configuration EPSS 0.8%CVE-2022-32741MEDIUMInformation disclosure in Request New Password featureEPSS 0.8%CVE-2024-23793MEDIUMUpload of files outside application directoryEPSS 0.8%CVE-2020-1768MEDIUMExternal Interface does not invalidate sessionEPSS 0.7%CVE-2021-36091LOWUnautorized access to the calendar appointmentsEPSS 0.7%CVE-2021-36092MEDIUMXSS attack using special link in emailEPSS 0.7%CVE-2022-32739LOWOTRS version number is always in the exported ICS filesEPSS 0.7%CVE-2022-4427MEDIUMSQL Injection via OTRS Search APIEPSS 0.7%CVE-2022-32740LOWInformation disclosure in the External InterfaceEPSS 0.7%CVE-2022-39051MEDIUMPerl Code execution in Template ToolkitEPSS 0.7%CVE-2023-6254HIGHPassword is send back to clientEPSS 0.7%CVE-2020-1778MEDIUMBypassing user account validationEPSS 0.6%CVE-2021-21438LOWFAQ articles are shown to users without permissionEPSS 0.6%CVE-2022-1004MEDIUMInformation disclosure in the External InterfaceEPSS 0.6%CVE-2023-38060MEDIUMHost header injection by attachments in web serviceEPSS 0.6%CVE-2021-36094MEDIUMXSS attack in appointment edit popup screenEPSS 0.6%CVE-2022-39052HIGHDoS attack using emailEPSS 0.6%CVE-2023-2534HIGHInformation disclouse and DoS via websocket push eventsEPSS 0.5%CVE-2024-23791MEDIUMUnnecessary data is written to log if issues during indexing occursEPSS 0.5%CVE-2022-39049LOWPossible XSS in Admin InterfaceEPSS 0.5%
Want to know if your infrastructure is exposed to this?
Talk to TrueHacking →