CVE-2021-36095

Summary

Malicious attacker is able to find out valid user logins by using the "lost password" feature. This issue affects: OTRS AG ((OTRS)) Community Edition version 6.0.1 and later versions. OTRS AG OTRS 7.0.x version 7.0.28 and prior versions.

Affected Software

VendorProductVersion RangeStatus
OTRS AG((OTRS)) Community Edition6.0.1 < unspecifiedaffected
OTRS AGOTRS7.0.x <= 7.0.28affected

Weaknesses

  • CWE-200: CWE-200 Information Exposure

ADP Enrichment

CVE Program Container

Additional References

References