CVE-2010-4766
EPSS 0.23%
Description
The AgentTicketForward feature in Open Ticket Request System (OTRS) before 2.4.7 does not properly remove inline images from HTML e-mail messages, which allows remote attackers to obtain potentially sensitive image information in opportunistic circumstances by reading a forwarded message in a standard e-mail client.
How to fix CVE-2010-4766
To remediate CVE-2010-4766, upgrade the affected package to a fixed version listed below.
- Debian/otrs2: upgrade to 2.4.7+dfsg1-1 or later
Is CVE-2010-4766 being exploited?
Low — EPSS is 0.2%, meaning exploitation activity has not been observed at scale.
Affected packages (1)
- Debian/otrs2: from 0, < 2.4.7+dfsg1-1