Vulnerabilities

CVE-2019-18179

by Fred · 06/01/2020

An issue was discovered in Open Ticket Request System (OTRS) 7.0.x through 7.0.12, and Community Edition 5.0.x through 5.0.38 and 6.0.x through 6.0.23. An attacker who is logged into OTRS as an agent is able to list tickets assigned to other agents, even tickets in a queue where the attacker doesn’t have permissions.

Date published : 2020-01-06

Security Advisory 2019-14: Security Update for OTRS Framework

https://lists.debian.org/debian-lts-announce/2020/01/msg00000.html

Similar

Tags: Cybersecurity Alert