Security Advisory

CVE-2025-24390

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2025-01-27 05:59:20
Last updated 2025-02-12 20:01:13
Assigner OTRS
State PUBLISHED

Description

A vulnerability in OTRS Application Server and reverse proxy settings allows session hijacking due to missing attributes for sensitive cookie settings in HTTPS sessions. This issue affects: * OTRS 7.0.X * OTRS 8.0.X * OTRS 2023.X * OTRS 2024.X