Security Advisory

CVE-2023-38058

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2023-07-24 08:28:03
Last updated 2024-10-17 13:03:11
Assigner OTRS
State PUBLISHED

Description

An improper privilege check in the OTRS ticket move action in the agent interface allows any as agent authenticated attacker to to perform a move of an ticket without the needed permission. This issue affects OTRS: from 8.0.X before 8.0.35.