Low severity3.5NVD Advisory· Published Jan 10, 2020· Updated Jun 17, 2026
CVE-2020-1765
CVE-2020-1765
Description
An improper control of parameters allows the spoofing of the from fields of the following screens: AgentTicketCompose, AgentTicketForward, AgentTicketBounce and AgentTicketEmailOutbound. This issue affects: ((OTRS)) Community Edition 5.0.x version 5.0.39 and prior versions; 6.0.x version 6.0.24 and prior versions. OTRS 7.0.x version 7.0.13 and prior versions.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
9- Range: 5.0.x <= 5.0.39, 6.0.x <= 6.0.24, 7.0.x <= 7.0.13
- osv-coords5 versionspkg:rpm/opensuse/otrs&distro=openSUSE%20Leap%2015.1pkg:rpm/opensuse/otrs&distro=openSUSE%20Leap%2015.2pkg:rpm/suse/otrs&distro=SUSE%20Package%20Hub%2015pkg:rpm/suse/otrs&distro=SUSE%20Package%20Hub%2015%20SP1pkg:rpm/suse/otrs&distro=SUSE%20Package%20Hub%2015%20SP2
< 5.0.42-bp151.3.3.1+ 4 more
- (no CPE)range: < 5.0.42-bp151.3.3.1
- (no CPE)range: < 6.0.29-bp152.2.5.4
- (no CPE)range: < 5.0.42-bp151.3.3.1
- (no CPE)range: < 5.0.42-bp151.3.3.1
- (no CPE)range: < 6.0.29-bp152.2.5.4
- OTRS AG/((OTRS)) Community Editionv5Range: 5.0.x version 5.0.39 and prior versions
Patches
Vulnerability mechanics
References
6- otrs.com/release-notes/otrs-security-advisory-2020-01/nvdPatchVendor Advisory
- lists.opensuse.org/opensuse-security-announce/2020-04/msg00038.htmlnvdMailing ListThird Party Advisory
- lists.opensuse.org/opensuse-security-announce/2020-09/msg00066.htmlnvdMailing ListThird Party Advisory
- lists.opensuse.org/opensuse-security-announce/2020-09/msg00077.htmlnvdMailing ListThird Party Advisory
- lists.debian.org/debian-lts-announce/2020/01/msg00027.htmlnvdMailing ListThird Party Advisory
- lists.debian.org/debian-lts-announce/2023/08/msg00040.htmlnvd
News mentions
0No linked articles in our index yet.