Agents are able to list customer user emails without required permissions in the bulk action screen. This issue affects: OTRS AG ((OTRS)) Community Edition: 6.0.x version 6.0.1 and later versions. OTRS AG OTRS: 7.0.x versions prior to 7.0.27.
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: OTRS

Published: 2021-07-26T04:25:40.249893Z

Updated: 2024-09-16T20:11:31.892Z

Reserved: 2020-12-29T00:00:00

Link: CVE-2021-21443

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2021-07-26T05:15:07.507

Modified: 2024-11-21T05:48:23.080

Link: CVE-2021-21443

cve-icon Redhat

No data.