CVE-2010-4758

Name of the Vulnerable Software and Affected Versions Open Ticket Request System (OTRS) versions prior to 3.0.3

Description The issue concerns the installer.pl in Open Ticket Request System (OTRS), where the Inbound Mail Password field uses the text type instead of the password type for its INPUT element. This makes it easier for physically proximate attackers to obtain the password by reading the workstation screen.

Recommendations For versions prior to 3.0.3, update to version 3.0.3 or later to resolve the issue.