Unrated severityNVD Advisory· Published Feb 8, 2021· Updated Sep 16, 2024

Dynamic templates reveal sensitive data when OTRS tags are used

CVE-2020-1779

Description

When dynamic templates are used (OTRSTicketForms), admin can use OTRS tags which are not masked properly and can reveal sensitive information. This issue affects: OTRS AG OTRSTicketForms 6.0.x version 6.0.40 and prior versions; 7.0.x version 7.0.29 and prior versions; 8.0.x version 8.0.3 and prior versions.

Affected products

OTRS/OTRSTicketFormsllm-create2 versions
<=6.0.40, <=7.0.29, <=8.0.3+ 1 more
- (no CPE)range: <=6.0.40, <=7.0.29, <=8.0.3
- (no CPE)range: 6.0.x

Patches

Vulnerability mechanics

References

otrs.com/release-notes/otrs-security-advisory-2020-17/mitrex_refsource_CONFIRM

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.001
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000