Security Advisory OTRSCE-SA-2023-01
- Severity: low
- Products affected: ((OTRS)) Community Edition
- Versions affected: all versions prior to and including 6.0.38
In ((OTRS)) Community Edition version 6.0.38 and earlier, through a crafted URL, an agent can access the contents of a form draft created for a ticket that the agent is not allowed to read.
Users of the affected versions are encouraged to upgrade ((OTRS)) Community Edition to the most recent version (6.0.39).