CVE-2020-1779
Dynamic templates reveal sensitive data when OTRS tags are used
When dynamic templates are used (OTRSTicketForms), admin can use OTRS tags which are not masked properly and can reveal sensitive information. This issue affects: OTRS AG OTRSTicketForms 6.0.x version 6.0.40 and prior versions; 7.0.x version 7.0.29 and prior versions; 8.0.x version 8.0.3 and prior versions.
CVSS:3.1/AV:A/AC:L/PR:H/UI:R/S:U/C:H/I:N/A:N
Productos afectados
OTRS AG · OTRSTicketForms¿Quieres saber si tu infraestructura está expuesta a esto?
Hablar con TrueHacking →