Full list of recipients from customer users in a contact field could be disclosed in notification emails event when the notification is set to be sent to each recipient individually. This issue affects: OTRS AG OTRSCustomContactFields 8.0.x version: 8.0.11 and prior versions.
Metrics
Affected Vendors & Products
References
History
Mon, 16 Sep 2024 22:30:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Title | Disclosure of mail addresses | Disclosure of mail addresses |
MITRE
Status: PUBLISHED
Assigner: OTRS
Published: 2022-02-07T10:25:13.232949Z
Updated: 2024-09-16T22:14:40.657Z
Reserved: 2022-02-02T00:00:00
Link: CVE-2022-0474
Vulnrichment
No data.
NVD
Status : Modified
Published: 2022-02-07T11:15:07.877
Modified: 2024-11-21T06:38:42.853
Link: CVE-2022-0474
Redhat
No data.