CVE-2026-48189
5.7 MEDIUMAn improper Input Validation vulnerability in OTRS Customer Backend module allows to access customer information which are restricted to ...
Published: 2026-06-01 · Last updated: 2026-06-01
Severity and scoring
- CVSS
- 5.7 MEDIUM
- Vector
- CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N
- CWE
- CWE-200
Description
An improper Input Validation vulnerability in OTRS Customer Backend module allows to access customer information which are restricted to other groups. Please note that the feature has to be anabled and CustomerGroupSupport has to be used to be affected. This issue affects OTRS: * 7.0.X * 8.0.X * 2023.X * 2024.X * 2025.X * 2026.X before 2026.4.X
Source: NVD
References
Related CVEs
Same CWE
- CVE-2026-12203 — A vulnerability was found in HKUDS AI-Trader up to 74caf996f78dcc0c657df8365c8544678a16e215 (5.3 MEDIUM)
- CVE-2026-49397 — Nezha Monitoring is a self-hostable, lightweight, servers and websites monitoring and O&M tool (5.3 MEDIUM)
- CVE-2026-47124 — Nezha Monitoring is a self-hostable, lightweight, servers and websites monitoring and O&M tool (6.5 MEDIUM)
- CVE-2026-54396 — An information disclosure vulnerability exists in the MISP AuthKey edit functionality
- CVE-2026-47264 — Discourse is an open-source discussion platform (5.3 MEDIUM)