Open Ticket Request System (OTRS) 4.0.x before 4.0.28, 5.0.x before 5.0.26, and 6.0.x before 6.0.3, when cookie support is disabled, might allow remote attackers to hijack web sessions and consequently gain privileges via a crafted email.
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2017-12-20T17:00:00

Updated: 2024-08-05T20:51:31.543Z

Reserved: 2017-12-08T00:00:00

Link: CVE-2017-17476

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2017-12-20T17:29:00.357

Modified: 2024-11-21T03:18:00.350

Link: CVE-2017-17476

cve-icon Redhat

No data.