Code Injection Vulnerability in OTRS 3.3.x, 4.x, and 5.x

Code Injection Vulnerability in OTRS 3.3.x, 4.x, and 5.x

CVE-2017-14635 · MEDIUM Severity

AV:N/AC:L/AU:S/C:P/I:P/A:P

In Open Ticket Request System (OTRS) 3.3.x before 3.3.18, 4.x before 4.0.25, and 5.x before 5.0.23, remote authenticated users can leverage statistics-write permissions to gain privileges via code injection.

Learn more about our User Device Pen Test.