VYPR
Medium severity4.3NVD Advisory· Published Jun 17, 2019· Updated Jun 17, 2026

CVE-2019-12248

CVE-2019-12248

Description

An issue was discovered in Open Ticket Request System (OTRS) 7.0.x through 7.0.7, Community Edition 6.0.x through 6.0.19, and Community Edition 5.0.x through 5.0.36. An attacker could send a malicious email to an OTRS system. If a logged-in agent user quotes it, the email could cause the browser to load external image resources.

Affected products

8

Patches

Vulnerability mechanics

References

6

News mentions

0

No linked articles in our index yet.