The SOAP interface in OTRS 2.1.x before 2.1.8 and 2.2.x before 2.2.6 allows remote attackers to "read and modify objects" via SOAP requests, related to "Missing security checks."
CVSS Score
6.4
EPSS Score
0.008
Published
2008-04-01
Page 4