← volver
CVE-2016-5843

CVE-2016-5843

EPSS 3.2%
Multiple SQL injection vulnerabilities in the FAQ package 2.x before 2.3.6, 4.x before 4.0.5, and 5.x before 5.0.5 in Open Ticket Request System (OTRS) allow remote attackers to execute arbitrary SQL commands via crafted search parameters.
Productos afectados
n/a · n/a

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →
Referencias
https://github.com/OTRS/FAQ/commit/3700f75c67f6ed1d39bc213445c6d12a458e1af9https://github.com/OTRS/FAQ/commit/8c9d63bd0297adda760330805c31afc130861557https://github.com/OTRS/FAQ/commit/b805703e7b7725d1f3040bb626a4c4dd845ee9e3https://www.otrs.com/security-advisory-2016-01-security-update-otrs-faq-package/http://www.securityfocus.com/bid/93019