VYPR
Medium severity6.5NVD Advisory· Published Aug 21, 2019· Updated Jun 17, 2026

CVE-2019-12746

CVE-2019-12746

Description

An issue was discovered in Open Ticket Request System (OTRS) Community Edition 5.0.x through 5.0.36 and 6.0.x through 6.0.19. A user logged into OTRS as an agent might unknowingly disclose their session ID by sharing the link of an embedded ticket article with third parties. This identifier can be then be potentially abused in order to impersonate the agent user.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

8

Patches

Vulnerability mechanics

References

7

News mentions

0

No linked articles in our index yet.