VYPR
← All advisories
Unrated severityNVD Advisory· Published Mar 18, 2011· Updated Apr 29, 2026

CVE-2008-7281

CVE-2008-7281

Description

Open Ticket Request System (OTRS) before 2.2.7 sends e-mail containing a Bcc header field that lists the Blind Carbon Copy recipients, which allows remote attackers to obtain potentially sensitive e-mail address information by reading this field.

Affected products

68
  • OTRS/Otrs68 versions
    cpe:2.3:a:otrs:otrs:*:*:*:*:*:*:*:*+ 67 more
    • cpe:2.3:a:otrs:otrs:*:*:*:*:*:*:*:*range: <=2.2.6
    • cpe:2.3:a:otrs:otrs:0.5:beta1:*:*:*:*:*:*
    • cpe:2.3:a:otrs:otrs:0.5:beta2:*:*:*:*:*:*
    • cpe:2.3:a:otrs:otrs:0.5:beta3:*:*:*:*:*:*
    • cpe:2.3:a:otrs:otrs:0.5:beta4:*:*:*:*:*:*
    • cpe:2.3:a:otrs:otrs:0.5:beta5:*:*:*:*:*:*
    • cpe:2.3:a:otrs:otrs:0.5:beta6:*:*:*:*:*:*
    • cpe:2.3:a:otrs:otrs:0.5:beta7:*:*:*:*:*:*
    • cpe:2.3:a:otrs:otrs:0.5:beta8:*:*:*:*:*:*
    • cpe:2.3:a:otrs:otrs:1.0.0:*:*:*:*:*:*:*
    • cpe:2.3:a:otrs:otrs:1.0.1:*:*:*:*:*:*:*
    • cpe:2.3:a:otrs:otrs:1.0.2:*:*:*:*:*:*:*
    • cpe:2.3:a:otrs:otrs:1.0:rc1:*:*:*:*:*:*
    • cpe:2.3:a:otrs:otrs:1.0:rc2:*:*:*:*:*:*
    • cpe:2.3:a:otrs:otrs:1.0:rc3:*:*:*:*:*:*
    • cpe:2.3:a:otrs:otrs:1.1.0:rc1:*:*:*:*:*:*
    • cpe:2.3:a:otrs:otrs:1.1.0:rc2:*:*:*:*:*:*
    • cpe:2.3:a:otrs:otrs:1.1.1:*:*:*:*:*:*:*
    • cpe:2.3:a:otrs:otrs:1.1.2:*:*:*:*:*:*:*
    • cpe:2.3:a:otrs:otrs:1.1.3:*:*:*:*:*:*:*
    • cpe:2.3:a:otrs:otrs:1.1.4:*:*:*:*:*:*:*
    • cpe:2.3:a:otrs:otrs:1.1:rc1:*:*:*:*:*:*
    • cpe:2.3:a:otrs:otrs:1.2.0:beta1:*:*:*:*:*:*
    • cpe:2.3:a:otrs:otrs:1.2.0:beta2:*:*:*:*:*:*
    • cpe:2.3:a:otrs:otrs:1.2.0:beta3:*:*:*:*:*:*
    • cpe:2.3:a:otrs:otrs:1.2.1:*:*:*:*:*:*:*
    • cpe:2.3:a:otrs:otrs:1.2.2:*:*:*:*:*:*:*
    • cpe:2.3:a:otrs:otrs:1.2.3:*:*:*:*:*:*:*
    • cpe:2.3:a:otrs:otrs:1.2.4:*:*:*:*:*:*:*
    • cpe:2.3:a:otrs:otrs:1.3.0:beta1:*:*:*:*:*:*
    • cpe:2.3:a:otrs:otrs:1.3.0:beta2:*:*:*:*:*:*
    • cpe:2.3:a:otrs:otrs:1.3.0:beta3:*:*:*:*:*:*
    • cpe:2.3:a:otrs:otrs:1.3.0:beta4:*:*:*:*:*:*
    • cpe:2.3:a:otrs:otrs:1.3.1:*:*:*:*:*:*:*
    • cpe:2.3:a:otrs:otrs:1.3.2:*:*:*:*:*:*:*
    • cpe:2.3:a:otrs:otrs:1.3.3:*:*:*:*:*:*:*
    • cpe:2.3:a:otrs:otrs:2.0.0:*:*:*:*:*:*:*
    • cpe:2.3:a:otrs:otrs:2.0.0:beta1:*:*:*:*:*:*
    • cpe:2.3:a:otrs:otrs:2.0.0:beta2:*:*:*:*:*:*
    • cpe:2.3:a:otrs:otrs:2.0.0:beta4:*:*:*:*:*:*
    • cpe:2.3:a:otrs:otrs:2.0.0:beta5:*:*:*:*:*:*
    • cpe:2.3:a:otrs:otrs:2.0.0:beta6:*:*:*:*:*:*
    • cpe:2.3:a:otrs:otrs:2.0.1:*:*:*:*:*:*:*
    • cpe:2.3:a:otrs:otrs:2.0.2:*:*:*:*:*:*:*
    • cpe:2.3:a:otrs:otrs:2.0.3:*:*:*:*:*:*:*
    • cpe:2.3:a:otrs:otrs:2.0.4:*:*:*:*:*:*:*
    • cpe:2.3:a:otrs:otrs:2.0.5:*:*:*:*:*:*:*
    • cpe:2.3:a:otrs:otrs:2.1.0:beta1:*:*:*:*:*:*
    • cpe:2.3:a:otrs:otrs:2.1.0:beta2:*:*:*:*:*:*
    • cpe:2.3:a:otrs:otrs:2.1.1:*:*:*:*:*:*:*
    • cpe:2.3:a:otrs:otrs:2.1.2:*:*:*:*:*:*:*
    • cpe:2.3:a:otrs:otrs:2.1.3:*:*:*:*:*:*:*
    • cpe:2.3:a:otrs:otrs:2.1.4:*:*:*:*:*:*:*
    • cpe:2.3:a:otrs:otrs:2.1.5:*:*:*:*:*:*:*
    • cpe:2.3:a:otrs:otrs:2.1.6:*:*:*:*:*:*:*
    • cpe:2.3:a:otrs:otrs:2.1.7:*:*:*:*:*:*:*
    • cpe:2.3:a:otrs:otrs:2.1.8:*:*:*:*:*:*:*
    • cpe:2.3:a:otrs:otrs:2.1.9:*:*:*:*:*:*:*
    • cpe:2.3:a:otrs:otrs:2.2.0:beta1:*:*:*:*:*:*
    • cpe:2.3:a:otrs:otrs:2.2.0:beta2:*:*:*:*:*:*
    • cpe:2.3:a:otrs:otrs:2.2.0:beta3:*:*:*:*:*:*
    • cpe:2.3:a:otrs:otrs:2.2.0:beta4:*:*:*:*:*:*
    • cpe:2.3:a:otrs:otrs:2.2.0:rc1:*:*:*:*:*:*
    • cpe:2.3:a:otrs:otrs:2.2.1:*:*:*:*:*:*:*
    • cpe:2.3:a:otrs:otrs:2.2.2:*:*:*:*:*:*:*
    • cpe:2.3:a:otrs:otrs:2.2.3:*:*:*:*:*:*:*
    • cpe:2.3:a:otrs:otrs:2.2.4:*:*:*:*:*:*:*
    • cpe:2.3:a:otrs:otrs:2.2.5:*:*:*:*:*:*:*

Patches

0

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

3

News mentions

0

No linked articles in our index yet.