CVE-2010-4766

Name of the Vulnerable Software and Affected Versions Open Ticket Request System (OTRS) versions prior to 2.4.7

Description The issue concerns the AgentTicketForward feature in OTRS, which fails to properly remove inline images from HTML e-mail messages. This allows remote attackers to obtain potentially sensitive image information by reading a forwarded message in a standard e-mail client.

Recommendations For versions prior to 2.4.7, update to version 2.4.7 or later to resolve the issue.