CVE-2022-39051

Summary

Attacker might be able to execute malicious Perl code in the Template toolkit, by having the admin installing an unverified 3th party package

Affected Software

VendorProductVersion RangeStatus
OTRS AGOTRS7.0.x 7.0.36affected
OTRS AGOTRS8.0.x 8.0.24affected
OTRS AG((OTRS)) Community Edition6.0.1 < 6.0.x*affected

Weaknesses

  • CWE-913: CWE-913 Improper Control of Dynamically-Managed Code Resources

ADP Enrichment

CVE Program Container

Additional References

References