Vulnerabilities

CVE-2019-9892

by Fred · 21/05/2019

An issue was discovered in Open Ticket Request System (OTRS) 5.x through 5.0.34, 6.x through 6.0.17, and 7.x through 7.0.6. An attacker who is logged into OTRS as an agent user with appropriate permissions may try to import carefully crafted Report Statistics XML that will result in reading of arbitrary files on the OTRS filesystem.

Date published : 2019-05-21

Security Advisory 2019-04: Security Update for OTRS Framework

https://lists.debian.org/debian-lts-announce/2019/05/msg00003.html

Similar

Tags: Cybersecurity Alert