Back to search
CVE-2010-4761
Published: Mar 18, 2011
Modified: Sep 16, 2024
PUBLISHED
Description
The customer-interface ticket-print dialog in Open Ticket Request System (OTRS) before 3.0.0-beta3 does not properly restrict customer-visible data, which allows remote authenticated users to obtain potentially sensitive information from the (1) responsible, (2) owner, (3) accounted time, (4) pending until, and (5) lock fields by reading this dialog.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
http://bugs.otrs.org/show_bug.cgi?id=5875
x_refsource_CONFIRM
http://source.otrs.org/viewvc.cgi/otrs/CHANGES?revision=1.1807
x_refsource_CONFIRM
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now