Bæln0Rn

**Name of the Vulnerable Software and Affected Versions** OTRS versions 4.0.x through 4.0.26 OTRS versions 5.0.x through 5.0.24 OTRS versions 6.0.x through 6.0.1 **Description** The issue allows an attacker who is logged into OTRS as an agent to manipulate form parameters related to PGP and execute arbitrary shell commands with the permissions of the OTRS or web server user. **Recommendations** For OTRS versions 4.0.x through 4.0.26, update to a version that fixes the issue. For OTRS versions 5.0.x through 5.0.24, update to a version that fixes the issue. For OTRS versions 6.0.x through 6.0.1, update to a version that fixes the issue.