Full list of recipients from customer users in a contact field could be disclosed in notification emails event when the notification is set to be sent to each recipient individually. This issue affects: OTRS AG OTRSCustomContactFields 8.0.x version: 8.0.11 and prior versions.
History

Mon, 16 Sep 2024 22:30:00 +0000

Type Values Removed Values Added
Title Disclosure of mail addresses Disclosure of mail addresses

cve-icon MITRE

Status: PUBLISHED

Assigner: OTRS

Published: 2022-02-07T10:25:13.232949Z

Updated: 2024-09-16T22:14:40.657Z

Reserved: 2022-02-02T00:00:00

Link: CVE-2022-0474

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2022-02-07T11:15:07.877

Modified: 2024-11-21T06:38:42.853

Link: CVE-2022-0474

cve-icon Redhat

No data.