Matthias Püschel

**Name of the Vulnerable Software and Affected Versions** OTRS versions 7.0.X through 7.0.48 OTRS versions 8.0.X through 8.0.37 OTRS versions 2023.X through 2023.1.1 **Description** The issue is related to the handling of attachments in ticket comments, allowing another user to add attachments impersonating the original user. This requires a logged-in other user to know the UUID. While the legitimate user completes the comment, the malicious user can add more files to the comment. The attack exploits weaknesses in the authentication procedure. **Recommendations** For OTRS versions 7.0.X through 7.0.48, update to a version outside of this range to resolve the issue. For OTRS versions 8.0.X through 8.0.37, update to a version outside of this range to resolve the issue. For OTRS versions 2023.X through 2023.1.1, update to a version outside of this range to resolve the issue. As a temporary workaround, consider restricting access to the attachment feature in ticket comments until a patch is available.

**Name of the Vulnerable Software and Affected Versions** OTRS versions 7.0.X through 7.0.48 OTRS versions 8.0.X through 8.0.37 OTRS versions 2023 through 2023.1.1 **Description** The issue is related to an Improper Input Validation vulnerability in the upload functionality for user avatars, which allows functionality misuse due to a missing check of filetypes. This vulnerability may allow a remote attacker to execute arbitrary code. **Recommendations** For OTRS versions 7.0.X through 7.0.48, update to a version later than 7.0.48. For OTRS versions 8.0.X through 8.0.37, update to a version later than 8.0.37. For OTRS versions 2023 through 2023.1.1, update to a version later than 2023.1.1. As a temporary workaround, consider disabling the upload functionality for user avatars until a patch is available.

**Name of the Vulnerable Software and Affected Versions** OTRS versions 8.0.X through 8.0.37 **Description** A vulnerability in OTRS AgentInterface and ExternalInterface allows the reading of plain text passwords, which are sent back to the client in the server response. **Recommendations** For OTRS versions 8.0.X through 8.0.37, update to a version that includes the fix for this issue to prevent the reading of plain text passwords. As a temporary workaround, consider restricting access to the AgentInterface and ExternalInterface until a patch is available.