otrs2 vulnerabilities

Direct Vulnerabilities

Known vulnerabilities in the otrs2 package. This does not include vulnerabilities belonging to this package’s dependencies.

Severity | Vulnerability | Vulnerable Version
H | Arbitrary Code Injection | <6.0.16-2+deb10u1
C | SQL Injection | <6.0.16-2+deb10u1
H | OS Command Injection | <6.0.16-2+deb10u1
M | Cross-site Scripting (XSS) | <6.0.16-2+deb10u1
M | Cross-site Scripting (XSS) | <6.0.16-2+deb10u1
M | Cross-site Scripting (XSS) | <6.0.16-2+deb10u1
M | CVE-2021-21440 | <6.0.16-2+deb10u1
M | Incorrect Authorization | <6.0.16-2+deb10u1
M | CVE-2021-21443 | <6.0.16-2+deb10u1
H | Cross-site Scripting (XSS) | <6.0.16-2+deb10u1
M | Improper Handling of Exceptional Conditions | <6.0.16-2+deb10u1
H | Resource Exhaustion | <6.0.16-2+deb10u1
M | Insufficient Session Expiration | <6.0.16-2+deb10u1
M | Cross-site Scripting (XSS) | <6.0.16-2+deb10u1
M | Cross-site Scripting (XSS) | <6.0.16-2+deb10u1
M | CVE-2020-1774 | <6.0.16-2+deb10u1
M | Cross-site Scripting (XSS) | <6.0.16-2+deb10u1
H | CVE-2020-1772 | <6.0.16-2+deb10u1
H | Insufficient Entropy | <6.0.16-2+deb10u1
M | CVE-2020-1769 | <6.0.16-2+deb10u1
M | Information Exposure | <6.0.16-2+deb10u1
M | CVE-2020-1767 | <6.0.16-2+deb10u1
M | Improper Input Validation | <6.0.16-2+deb10u1
M | Cross-site Scripting (XSS) | <6.0.16-2+deb10u1
M | Information Exposure | <6.0.16-2+deb10u1
H | Loop with Unreachable Exit Condition ('Infinite Loop') | <6.0.16-2+deb10u1
M | Cross-site Scripting (XSS) | <6.0.16-2+deb10u1
M | Information Exposure | <6.0.16-2+deb10u1
M | CVE-2018-11563 | <6.0.8-1
M | CVE-2019-13458 | <6.0.16-2+deb10u1
M | CVE-2019-12248 | <6.0.16-2+deb10u1
M | Information Exposure | <6.0.16-2+deb10u1
M | Cross-site Scripting (XSS) | <6.0.16-2
M | Cross-site Scripting (XSS) | <6.0.16-2
M | XML Injection | <6.0.16-2
M | Cross-site Scripting (XSS) | <6.0.16-2+deb10u1
M | Improper Input Validation | <6.0.14-1
M | Cross-site Scripting (XSS) | <6.0.16-2
M | Arbitrary Code Injection | <6.0.16-1
M | Direct Request ('Forced Browsing') | <6.0.13-1
M | Cross-site Scripting (XSS) | <6.0.1-1
M | Cross-site Scripting (XSS) | <6.0.13-1
M | Cross-site Scripting (XSS) | <6.0.12-1
M | Improper Input Validation | <6.0.11-1
M | CVE-2018-16586 | <6.0.11-1
H | CVE-2018-14593 | <6.0.10-1
H | SQL Injection | <3.2.9-1
M | Improper Privilege Management | <3.1.7+dfsg1-8
M | Information Exposure | <3.2.8-1
M | Information Exposure | <3.2.7-1
M | Information Exposure | <6.0.7-1
L | Unrestricted Upload of File with Dangerous Type | *
H | Information Exposure | <6.0.3-1
M | Information Exposure | <6.0.2-1
H | OS Command Injection | <6.0.2-1
H | Arbitrary Code Injection | <5.0.24-1
H | CVE-2017-15864 | <4.0.7-2
H | Improper Input Validation | <5.0.23-1
H | Improper Privilege Management | <5.0.20-1
M | Cross-site Scripting (XSS) | <5.0.14-1
M | Access Restriction Bypass | <3.3.9-3
M | Improper Input Validation | <3.3.6-1
L | Cross-site Scripting (XSS) | <3.3.6-1
M | Cross-site Scripting (XSS) | <3.3.5-1
L | Cross-site Request Forgery (CSRF) | <3.3.4-1
L | SQL Injection | <3.3.4-1
M | Cross-site Scripting (XSS) | <3.1.7+dfsg1-6
L | Cross-site Scripting (XSS) | <3.1.7+dfsg1-5
M | Cross-site Scripting (XSS) | <3.1.7+dfsg1-4
L | CVE-2011-2746 | <2.4.7-1
M | Cross-site Scripting (XSS) | <2.4.10+dfsg1-1
L | Access Restriction Bypass | <2.4.5-1
L | Access Restriction Bypass | <3.0.8+dfsg1-1
L | Cross-site Scripting (XSS) | <3.0.8+dfsg1-1
L | Improper Input Validation | <2.4.5-1
L | Race Condition | <2.4.8+dfsg1-1
L | Access Restriction Bypass | <2.4.5-1
L | Improper Input Validation | <2.4.5-1
M | Access Restriction Bypass | <2.2.6-1
L | Improper Input Validation | <3.0.8+dfsg1-1
L | Access Restriction Bypass | <3.0.8+dfsg1-1
L | Access Restriction Bypass | <2.3.2-1
L | Improper Input Validation | <2.3.2-1
M | Information Exposure | <2.2.7-1
L | Information Exposure | <3.0.8+dfsg1-1
L | Cryptographic Issues | <3.0.8+dfsg1-1
M | Access Restriction Bypass | <2.2.6-1
L | Cryptographic Issues | <2.4.5-1
L | Cryptographic Issues | <3.0.8+dfsg1-1
M | Improper Input Validation | <2.2.7-1
L | Access Restriction Bypass | <2.3.2-1
L | Improper Input Validation | <2.4.7+dfsg1-1
M | Cross-site Scripting (XSS) | <2.3.3-1
M | Access Restriction Bypass | <2.3.2-1
L | Credentials Management | <2.4.10+dfsg1-1
H | OS Command Injection | <2.4.5-1
L | Cross-site Scripting (XSS) | <2.4.9+dfsg1-1
M | Improper Input Validation | <2.4.8+dfsg1-1
L | Cross-site Scripting (XSS) | <2.4.8+dfsg1-1
M | SQL Injection | <2.4.7-1
L | CVE-2008-7220 | <2.3.4-6
M | Access Restriction Bypass | <2.2.5-2
M | Cross-site Scripting (XSS) | <2.1.1-1