Unrated severityNVD Advisory· Published Feb 7, 2022· Updated Sep 16, 2024

Disclosure of mail addresses

CVE-2022-0474

Description

Full list of recipients from customer users in a contact field could be disclosed in notification emails event when the notification is set to be sent to each recipient individually. This issue affects: OTRS AG OTRSCustomContactFields 8.0.x version: 8.0.11 and prior versions.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

OTRS/OTRSCustomContactFieldsllm-create2 versions
<=8.0.11+ 1 more
- (no CPE)range: <=8.0.11
- (no CPE)range: 8.0.x

Patches

Vulnerability mechanics

References

otrs.com/release-notes/otrs-security-advisory-2022-02/mitrex_refsource_CONFIRM

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.001
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000