By weakness (CWE)
CWE-791: related vulnerabilities
CVEs classified under CWE-791. Understanding the weakness class helps prioritize systemic fixes over one-off patches.
1 published vulnerability
- CVE-2026-48208MEDIUM 6.5
OTRS and OTRS Community Edition contain a vulnerability that allows attackers to embed malicious SVG (Scalable Vector Graphics) code within email messages sent to the ticketing system. When an agent or customer opens an affected ticket, the crafted SVG content can consume excessive browser resources, rendering the application unresponsive or forcing a browser crash. This is a denial-of-service attack that requires no special privileges and occurs automatically when viewing a compromised ticket—the attacker simply needs to send an email to the OTRS system.