Upstream information
Description
An issue was discovered in Open Ticket Request System (OTRS) 6.0.x through 6.0.9, 5.0.x through 5.0.28, and 4.0.x through 4.0.30. An attacker who is logged into OTRS as an agent may escalate their privileges by accessing a specially crafted URL.SUSE information
Overall state of this security issue: Does not affect SUSE products
SUSE Bugzilla entry: 1103800 [RESOLVED / FIXED]SUSE Security Advisories:
- openSUSE-SU-2018:3005-1, published Fri Dec 8 15:48:40 2023
List of released packages
Product(s) | Fixed package version(s) | References |
---|---|---|
SUSE Package Hub 15 |
| Patchnames: openSUSE-2019-748 |
openSUSE Leap 15.0 |
| Patchnames: openSUSE-2019-748 |
SUSE Timeline for this CVE
CVE page created: Fri Oct 7 12:49:19 2022CVE page last modified: Fri Dec 8 17:18:05 2023