CVE-2025-24388

A vulnerability in the OTRS Admin Interface and Agent Interface (versions before OTRS 8) allow parameter injection due to for an autheniticated agent or admin user. This issue affects: * OTRS 7.0.X * OTRS 8.0.X * OTRS 2023.X * OTRS 2024.X * OTRS 2025.X * ((OTRS)) Community Edition: 6.0.x Products based on the ((OTRS)) Community Edition also very likely to be affected
Configurations

No configuration.

History

16 Jun 2025, 12:15

Type Values Removed Values Added
New CVE

Information

Published : 2025-06-16 12:15

Updated : 2025-06-16 12:32


NVD link : CVE-2025-24388

Mitre link : CVE-2025-24388

CVE.ORG link : CVE-2025-24388


JSON object : View

Products Affected

No product.

CWE
CWE-184

Incomplete List of Disallowed Inputs