29Oca
CVE-2024-23790 | OTRS up to 7.0.48/8.0.37/2023.1.1 User Avatar unrestricted upload
A vulnerability was found in OTRS up to 7.0.48/8.0.37/2023.1.1 and classified as critical. Affected by this issue is some unknown functionality of the component User Avatar Handler. The manipulation leads to unrestricted upload. This vulnerability is handled as CVE-2024-23790. The attack may be launched remotely. There is no exploit available.