The file upload feature in OTRS and ((OTRS)) Community Edition has a path traversal vulnerability. This issue permits authenticated agents or customer users to upload potentially harmful files to directories accessible by the web server, potentially leading to the execution of local code like Perl scripts.
This issue affects OTRS: from 7.0.X through 7.0.49, 8.0.X, 2023.X, from 2024.X through 2024.3.2; ((OTRS)) Community Edition: from 6.0.1 through 6.0.34.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: OTRS
Published: 2024-06-06T18:06:58.805Z
Updated: 2024-08-01T23:13:07.327Z
Reserved: 2024-01-22T10:32:00.704Z
Link: CVE-2024-23793
Vulnrichment
Updated: 2024-06-06T20:22:13.823Z
NVD
Status : Awaiting Analysis
Published: 2024-06-06T19:15:52.373
Modified: 2024-11-21T08:58:25.860
Link: CVE-2024-23793
Redhat
No data.