OTRS and OTRS ITSM CVE-2013-4717 Unspecified SQL Injection Vulnerabilitiy
OTRS and OTRS ITSM are prone to an unspecified SQL-injection vulnerability because they fail to sufficiently sanitize user-supplied data.
An attacker can exploit this issue by manipulating the SQL query logic to carry out unauthorized actions on the underlying database.
The following are vulnerable:
Versions prior to OTRS 3.0.22, 3.1.18, and 3.2.9
Versions prior to OTRS ITSM 3.0.9, 3.1.10, and 3.2.7