Debug Information Leakage in OTRS: Versions 7.0.X - 7.0.48, 8.0.X - 8.0.37, 2023.X - 2023.1.1

Debug Information Leakage in OTRS: Versions 7.0.X - 7.0.48, 8.0.X - 8.0.37, 2023.X - 2023.1.1

CVE-2024-23791 · HIGH Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Insertion of debug information into log file during building the elastic search index allows reading of sensitive information from articles.This issue affects OTRS: from 7.0.X through 7.0.48, from 8.0.X through 8.0.37, from 2023.X through 2023.1.1.

Learn more about our Web Application Penetration Testing UK.