Otrs · Otrs · CVE-2020-1776
**Name of the Vulnerable Software and Affected Versions**
OTRS Community Edition versions 6.0.28 and prior
OTRS versions 7.0.18 and prior
OTRS versions 8.0.4 and prior
**Description**
The issue occurs when an agent user is renamed or set to invalid, and the session belonging to the user remains active. Although the session cannot be used to access ticket data if the agent is invalid, it still poses a problem.
**Recommendations**
For OTRS Community Edition versions 6.0.28 and prior, update to a version later than 6.0.28.
For OTRS versions 7.0.18 and prior, update to a version later than 7.0.18.
For OTRS versions 8.0.4 and prior, update to a version later than 8.0.4.