Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:deb/debian/otrs2@6.0.27-1?distro=bullseye
Typedeb
Namespacedebian
Nameotrs2
Version6.0.27-1
Qualifiers
distro bullseye
Subpath
Is_vulnerablefalse
Next_non_vulnerable_version6.0.28-1
Latest_non_vulnerable_version6.0.32-6
Affected_by_vulnerabilities
Fixing_vulnerabilities
0
url VCID-cyn6-w9ue-1fdv
vulnerability_id VCID-cyn6-w9ue-1fdv
summary In the login screens (in agent and customer interface), Username and Password fields use autocomplete, which might be considered as security issue. This issue affects: ((OTRS)) Community Edition: 5.0.41 and prior versions, 6.0.26 and prior versions. OTRS: 7.0.15 and prior versions.
references
0
reference_url http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00038.html
reference_id
reference_type
scores
url http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00038.html
1
reference_url http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00066.html
reference_id
reference_type
scores
url http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00066.html
2
reference_url http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00077.html
reference_id
reference_type
scores
url http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00077.html
3
reference_url https://api.first.org/data/v1/epss?cve=CVE-2020-1769
reference_id
reference_type
scores
0
value 0.00663
scoring_system epss
scoring_elements 0.712
published_at 2026-04-21T12:55:00Z
1
value 0.00663
scoring_system epss
scoring_elements 0.71216
published_at 2026-04-16T12:55:00Z
2
value 0.00663
scoring_system epss
scoring_elements 0.71222
published_at 2026-04-18T12:55:00Z
3
value 0.00663
scoring_system epss
scoring_elements 0.71121
published_at 2026-04-01T12:55:00Z
4
value 0.00663
scoring_system epss
scoring_elements 0.7113
published_at 2026-04-02T12:55:00Z
5
value 0.00663
scoring_system epss
scoring_elements 0.71147
published_at 2026-04-04T12:55:00Z
6
value 0.00663
scoring_system epss
scoring_elements 0.71123
published_at 2026-04-07T12:55:00Z
7
value 0.00663
scoring_system epss
scoring_elements 0.71165
published_at 2026-04-08T12:55:00Z
8
value 0.00663
scoring_system epss
scoring_elements 0.71177
published_at 2026-04-09T12:55:00Z
9
value 0.00663
scoring_system epss
scoring_elements 0.71201
published_at 2026-04-11T12:55:00Z
10
value 0.00663
scoring_system epss
scoring_elements 0.71186
published_at 2026-04-12T12:55:00Z
11
value 0.00663
scoring_system epss
scoring_elements 0.71169
published_at 2026-04-13T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2020-1769
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1769
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1769
5
reference_url https://lists.debian.org/debian-lts-announce/2023/08/msg00040.html
reference_id
reference_type
scores
url https://lists.debian.org/debian-lts-announce/2023/08/msg00040.html
6
reference_url https://otrs.com/release-notes/otrs-security-advisory-2020-06/
reference_id
reference_type
scores
url https://otrs.com/release-notes/otrs-security-advisory-2020-06/
7
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:opensuse:backports_sle:15.0:-:*:*:*:*:*:*
reference_id cpe:2.3:a:opensuse:backports_sle:15.0:-:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:opensuse:backports_sle:15.0:-:*:*:*:*:*:*
8
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:opensuse:backports_sle:15.0:sp1:*:*:*:*:*:*
reference_id cpe:2.3:a:opensuse:backports_sle:15.0:sp1:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:opensuse:backports_sle:15.0:sp1:*:*:*:*:*:*
9
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:opensuse:backports_sle:15.0:sp2:*:*:*:*:*:*
reference_id cpe:2.3:a:opensuse:backports_sle:15.0:sp2:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:opensuse:backports_sle:15.0:sp2:*:*:*:*:*:*
10
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:otrs:otrs:*:*:*:*:*:*:*:*
reference_id cpe:2.3:a:otrs:otrs:*:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:otrs:otrs:*:*:*:*:*:*:*:*
11
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:otrs:otrs:*:*:*:*:community:*:*:*
reference_id cpe:2.3:a:otrs:otrs:*:*:*:*:community:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:otrs:otrs:*:*:*:*:community:*:*:*
12
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*
reference_id cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*
13
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:15.2:*:*:*:*:*:*:*
reference_id cpe:2.3:o:opensuse:leap:15.2:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:15.2:*:*:*:*:*:*:*
14
reference_url https://nvd.nist.gov/vuln/detail/CVE-2020-1769
reference_id CVE-2020-1769
reference_type
scores
0
value 4.0
scoring_system cvssv2
scoring_elements AV:N/AC:L/Au:S/C:P/I:N/A:N
1
value 3.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:N/A:N
2
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
url https://nvd.nist.gov/vuln/detail/CVE-2020-1769
fixed_packages
0
url pkg:deb/debian/otrs2@6.0.27-1?distro=bullseye
purl pkg:deb/debian/otrs2@6.0.27-1?distro=bullseye
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/otrs2@6.0.27-1%3Fdistro=bullseye
1
url pkg:deb/debian/otrs2@6.0.32-6?distro=bullseye
purl pkg:deb/debian/otrs2@6.0.32-6?distro=bullseye
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/otrs2@6.0.32-6%3Fdistro=bullseye
aliases CVE-2020-1769
risk_score 1.9
exploitability 0.5
weighted_severity 3.9
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-cyn6-w9ue-1fdv
1
url VCID-d4t9-s9ws-uugb
vulnerability_id VCID-d4t9-s9ws-uugb
summary An attacker with the ability to generate session IDs or password reset tokens, either by being able to authenticate or by exploiting OSA-2020-09, may be able to predict other users session IDs, password reset tokens and automatically generated passwords. This issue affects ((OTRS)) Community Edition: 5.0.41 and prior versions, 6.0.26 and prior versions. OTRS; 7.0.15 and prior versions.
references
0
reference_url http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00038.html
reference_id
reference_type
scores
url http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00038.html
1
reference_url http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00066.html
reference_id
reference_type
scores
url http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00066.html
2
reference_url http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00077.html
reference_id
reference_type
scores
url http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00077.html
3
reference_url https://api.first.org/data/v1/epss?cve=CVE-2020-1773
reference_id
reference_type
scores
0
value 0.00464
scoring_system epss
scoring_elements 0.64352
published_at 2026-04-21T12:55:00Z
1
value 0.00464
scoring_system epss
scoring_elements 0.64351
published_at 2026-04-16T12:55:00Z
2
value 0.00464
scoring_system epss
scoring_elements 0.64361
published_at 2026-04-18T12:55:00Z
3
value 0.00464
scoring_system epss
scoring_elements 0.64238
published_at 2026-04-01T12:55:00Z
4
value 0.00464
scoring_system epss
scoring_elements 0.64296
published_at 2026-04-02T12:55:00Z
5
value 0.00464
scoring_system epss
scoring_elements 0.64324
published_at 2026-04-04T12:55:00Z
6
value 0.00464
scoring_system epss
scoring_elements 0.64281
published_at 2026-04-07T12:55:00Z
7
value 0.00464
scoring_system epss
scoring_elements 0.64329
published_at 2026-04-08T12:55:00Z
8
value 0.00464
scoring_system epss
scoring_elements 0.64344
published_at 2026-04-09T12:55:00Z
9
value 0.00464
scoring_system epss
scoring_elements 0.64356
published_at 2026-04-11T12:55:00Z
10
value 0.00464
scoring_system epss
scoring_elements 0.64345
published_at 2026-04-12T12:55:00Z
11
value 0.00464
scoring_system epss
scoring_elements 0.64316
published_at 2026-04-13T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2020-1773
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1773
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1773
5
reference_url https://lists.debian.org/debian-lts-announce/2023/08/msg00040.html
reference_id
reference_type
scores
url https://lists.debian.org/debian-lts-announce/2023/08/msg00040.html
6
reference_url https://otrs.com/release-notes/otrs-security-advisory-2020-10/
reference_id
reference_type
scores
url https://otrs.com/release-notes/otrs-security-advisory-2020-10/
7
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:otrs:otrs:*:*:*:*:*:*:*:*
reference_id cpe:2.3:a:otrs:otrs:*:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:otrs:otrs:*:*:*:*:*:*:*:*
8
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:otrs:otrs:*:*:*:*:community:*:*:*
reference_id cpe:2.3:a:otrs:otrs:*:*:*:*:community:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:otrs:otrs:*:*:*:*:community:*:*:*
9
reference_url https://nvd.nist.gov/vuln/detail/CVE-2020-1773
reference_id CVE-2020-1773
reference_type
scores
0
value 5.5
scoring_system cvssv2
scoring_elements AV:N/AC:L/Au:S/C:P/I:P/A:N
1
value 7.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:N
2
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N
url https://nvd.nist.gov/vuln/detail/CVE-2020-1773
fixed_packages
0
url pkg:deb/debian/otrs2@6.0.27-1?distro=bullseye
purl pkg:deb/debian/otrs2@6.0.27-1?distro=bullseye
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/otrs2@6.0.27-1%3Fdistro=bullseye
1
url pkg:deb/debian/otrs2@6.0.32-6?distro=bullseye
purl pkg:deb/debian/otrs2@6.0.32-6?distro=bullseye
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/otrs2@6.0.32-6%3Fdistro=bullseye
aliases CVE-2020-1773
risk_score 3.6
exploitability 0.5
weighted_severity 7.3
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-d4t9-s9ws-uugb
2
url VCID-jv8f-vz24-67c2
vulnerability_id VCID-jv8f-vz24-67c2
summary It's possible to craft Lost Password requests with wildcards in the Token value, which allows attacker to retrieve valid Token(s), generated by users which already requested new passwords. This issue affects: ((OTRS)) Community Edition 5.0.41 and prior versions, 6.0.26 and prior versions. OTRS: 7.0.15 and prior versions.
references
0
reference_url http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00038.html
reference_id
reference_type
scores
url http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00038.html
1
reference_url http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00066.html
reference_id
reference_type
scores
url http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00066.html
2
reference_url http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00077.html
reference_id
reference_type
scores
url http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00077.html
3
reference_url https://api.first.org/data/v1/epss?cve=CVE-2020-1772
reference_id
reference_type
scores
0
value 0.00449
scoring_system epss
scoring_elements 0.63632
published_at 2026-04-21T12:55:00Z
1
value 0.00449
scoring_system epss
scoring_elements 0.6364
published_at 2026-04-16T12:55:00Z
2
value 0.00449
scoring_system epss
scoring_elements 0.63648
published_at 2026-04-18T12:55:00Z
3
value 0.00449
scoring_system epss
scoring_elements 0.63517
published_at 2026-04-01T12:55:00Z
4
value 0.00449
scoring_system epss
scoring_elements 0.63577
published_at 2026-04-02T12:55:00Z
5
value 0.00449
scoring_system epss
scoring_elements 0.63604
published_at 2026-04-04T12:55:00Z
6
value 0.00449
scoring_system epss
scoring_elements 0.63568
published_at 2026-04-07T12:55:00Z
7
value 0.00449
scoring_system epss
scoring_elements 0.6362
published_at 2026-04-08T12:55:00Z
8
value 0.00449
scoring_system epss
scoring_elements 0.63636
published_at 2026-04-12T12:55:00Z
9
value 0.00449
scoring_system epss
scoring_elements 0.63652
published_at 2026-04-11T12:55:00Z
10
value 0.00449
scoring_system epss
scoring_elements 0.63603
published_at 2026-04-13T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2020-1772
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1772
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1772
5
reference_url https://lists.debian.org/debian-lts-announce/2020/05/msg00000.html
reference_id
reference_type
scores
url https://lists.debian.org/debian-lts-announce/2020/05/msg00000.html
6
reference_url https://lists.debian.org/debian-lts-announce/2023/08/msg00040.html
reference_id
reference_type
scores
url https://lists.debian.org/debian-lts-announce/2023/08/msg00040.html
7
reference_url https://otrs.com/release-notes/otrs-security-advisory-2020-09/
reference_id
reference_type
scores
url https://otrs.com/release-notes/otrs-security-advisory-2020-09/
8
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:opensuse:backports_sle:15.0:-:*:*:*:*:*:*
reference_id cpe:2.3:a:opensuse:backports_sle:15.0:-:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:opensuse:backports_sle:15.0:-:*:*:*:*:*:*
9
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:opensuse:backports_sle:15.0:sp1:*:*:*:*:*:*
reference_id cpe:2.3:a:opensuse:backports_sle:15.0:sp1:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:opensuse:backports_sle:15.0:sp1:*:*:*:*:*:*
10
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:opensuse:backports_sle:15.0:sp2:*:*:*:*:*:*
reference_id cpe:2.3:a:opensuse:backports_sle:15.0:sp2:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:opensuse:backports_sle:15.0:sp2:*:*:*:*:*:*
11
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:otrs:otrs:*:*:*:*:*:*:*:*
reference_id cpe:2.3:a:otrs:otrs:*:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:otrs:otrs:*:*:*:*:*:*:*:*
12
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:otrs:otrs:*:*:*:*:community:*:*:*
reference_id cpe:2.3:a:otrs:otrs:*:*:*:*:community:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:otrs:otrs:*:*:*:*:community:*:*:*
13
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
14
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*
reference_id cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*
15
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:15.2:*:*:*:*:*:*:*
reference_id cpe:2.3:o:opensuse:leap:15.2:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:15.2:*:*:*:*:*:*:*
16
reference_url https://nvd.nist.gov/vuln/detail/CVE-2020-1772
reference_id CVE-2020-1772
reference_type
scores
0
value 5.0
scoring_system cvssv2
scoring_elements AV:N/AC:L/Au:N/C:P/I:N/A:N
1
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:L/A:N
2
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
url https://nvd.nist.gov/vuln/detail/CVE-2020-1772
fixed_packages
0
url pkg:deb/debian/otrs2@6.0.27-1?distro=bullseye
purl pkg:deb/debian/otrs2@6.0.27-1?distro=bullseye
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/otrs2@6.0.27-1%3Fdistro=bullseye
1
url pkg:deb/debian/otrs2@6.0.32-6?distro=bullseye
purl pkg:deb/debian/otrs2@6.0.32-6?distro=bullseye
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/otrs2@6.0.32-6%3Fdistro=bullseye
aliases CVE-2020-1772
risk_score 3.4
exploitability 0.5
weighted_severity 6.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-jv8f-vz24-67c2
3
url VCID-mvf7-hk9h-zfa4
vulnerability_id VCID-mvf7-hk9h-zfa4
summary Support bundle generated files could contain sensitive information that might be unwanted to be disclosed. This issue affects: ((OTRS)) Community Edition: 5.0.41 and prior versions, 6.0.26 and prior versions. OTRS: 7.0.15 and prior versions.
references
0
reference_url http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00038.html
reference_id
reference_type
scores
url http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00038.html
1
reference_url http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00066.html
reference_id
reference_type
scores
url http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00066.html
2
reference_url http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00077.html
reference_id
reference_type
scores
url http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00077.html
3
reference_url https://api.first.org/data/v1/epss?cve=CVE-2020-1770
reference_id
reference_type
scores
0
value 0.0036
scoring_system epss
scoring_elements 0.58159
published_at 2026-04-21T12:55:00Z
1
value 0.0036
scoring_system epss
scoring_elements 0.58181
published_at 2026-04-16T12:55:00Z
2
value 0.0036
scoring_system epss
scoring_elements 0.58183
published_at 2026-04-18T12:55:00Z
3
value 0.0036
scoring_system epss
scoring_elements 0.5804
published_at 2026-04-01T12:55:00Z
4
value 0.0036
scoring_system epss
scoring_elements 0.58125
published_at 2026-04-02T12:55:00Z
5
value 0.0036
scoring_system epss
scoring_elements 0.58146
published_at 2026-04-04T12:55:00Z
6
value 0.0036
scoring_system epss
scoring_elements 0.58121
published_at 2026-04-07T12:55:00Z
7
value 0.0036
scoring_system epss
scoring_elements 0.58175
published_at 2026-04-08T12:55:00Z
8
value 0.0036
scoring_system epss
scoring_elements 0.58178
published_at 2026-04-09T12:55:00Z
9
value 0.0036
scoring_system epss
scoring_elements 0.58193
published_at 2026-04-11T12:55:00Z
10
value 0.0036
scoring_system epss
scoring_elements 0.5817
published_at 2026-04-12T12:55:00Z
11
value 0.0036
scoring_system epss
scoring_elements 0.5815
published_at 2026-04-13T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2020-1770
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1770
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1770
5
reference_url https://lists.debian.org/debian-lts-announce/2020/05/msg00000.html
reference_id
reference_type
scores
url https://lists.debian.org/debian-lts-announce/2020/05/msg00000.html
6
reference_url https://lists.debian.org/debian-lts-announce/2023/08/msg00040.html
reference_id
reference_type
scores
url https://lists.debian.org/debian-lts-announce/2023/08/msg00040.html
7
reference_url https://otrs.com/release-notes/otrs-security-advisory-2020-07/
reference_id
reference_type
scores
url https://otrs.com/release-notes/otrs-security-advisory-2020-07/
8
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:opensuse:backports_sle:15.0:-:*:*:*:*:*:*
reference_id cpe:2.3:a:opensuse:backports_sle:15.0:-:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:opensuse:backports_sle:15.0:-:*:*:*:*:*:*
9
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:opensuse:backports_sle:15.0:sp1:*:*:*:*:*:*
reference_id cpe:2.3:a:opensuse:backports_sle:15.0:sp1:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:opensuse:backports_sle:15.0:sp1:*:*:*:*:*:*
10
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:opensuse:backports_sle:15.0:sp2:*:*:*:*:*:*
reference_id cpe:2.3:a:opensuse:backports_sle:15.0:sp2:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:opensuse:backports_sle:15.0:sp2:*:*:*:*:*:*
11
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:otrs:otrs:*:*:*:*:*:*:*:*
reference_id cpe:2.3:a:otrs:otrs:*:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:otrs:otrs:*:*:*:*:*:*:*:*
12
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:otrs:otrs:*:*:*:*:community:*:*:*
reference_id cpe:2.3:a:otrs:otrs:*:*:*:*:community:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:otrs:otrs:*:*:*:*:community:*:*:*
13
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
14
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*
reference_id cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*
15
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:15.2:*:*:*:*:*:*:*
reference_id cpe:2.3:o:opensuse:leap:15.2:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:15.2:*:*:*:*:*:*:*
16
reference_url https://nvd.nist.gov/vuln/detail/CVE-2020-1770
reference_id CVE-2020-1770
reference_type
scores
0
value 4.0
scoring_system cvssv2
scoring_elements AV:N/AC:L/Au:S/C:P/I:N/A:N
1
value 2.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:L/I:N/A:N
2
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
url https://nvd.nist.gov/vuln/detail/CVE-2020-1770
fixed_packages
0
url pkg:deb/debian/otrs2@6.0.27-1?distro=bullseye
purl pkg:deb/debian/otrs2@6.0.27-1?distro=bullseye
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/otrs2@6.0.27-1%3Fdistro=bullseye
1
url pkg:deb/debian/otrs2@6.0.32-6?distro=bullseye
purl pkg:deb/debian/otrs2@6.0.32-6?distro=bullseye
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/otrs2@6.0.32-6%3Fdistro=bullseye
aliases CVE-2020-1770
risk_score 1.9
exploitability 0.5
weighted_severity 3.9
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-mvf7-hk9h-zfa4
4
url VCID-sxy7-tjmp-qbh2
vulnerability_id VCID-sxy7-tjmp-qbh2
summary Attacker is able craft an article with a link to the customer address book with malicious content (JavaScript). When agent opens the link, JavaScript code is executed due to the missing parameter encoding. This issue affects: ((OTRS)) Community Edition: 6.0.26 and prior versions. OTRS: 7.0.15 and prior versions.
references
0
reference_url http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00038.html
reference_id
reference_type
scores
url http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00038.html
1
reference_url http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00066.html
reference_id
reference_type
scores
url http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00066.html
2
reference_url http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00077.html
reference_id
reference_type
scores
url http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00077.html
3
reference_url https://api.first.org/data/v1/epss?cve=CVE-2020-1771
reference_id
reference_type
scores
0
value 0.00635
scoring_system epss
scoring_elements 0.70432
published_at 2026-04-21T12:55:00Z
1
value 0.00635
scoring_system epss
scoring_elements 0.70443
published_at 2026-04-16T12:55:00Z
2
value 0.00635
scoring_system epss
scoring_elements 0.70452
published_at 2026-04-18T12:55:00Z
3
value 0.00635
scoring_system epss
scoring_elements 0.70338
published_at 2026-04-01T12:55:00Z
4
value 0.00635
scoring_system epss
scoring_elements 0.7035
published_at 2026-04-02T12:55:00Z
5
value 0.00635
scoring_system epss
scoring_elements 0.70367
published_at 2026-04-04T12:55:00Z
6
value 0.00635
scoring_system epss
scoring_elements 0.70346
published_at 2026-04-07T12:55:00Z
7
value 0.00635
scoring_system epss
scoring_elements 0.70391
published_at 2026-04-08T12:55:00Z
8
value 0.00635
scoring_system epss
scoring_elements 0.70406
published_at 2026-04-09T12:55:00Z
9
value 0.00635
scoring_system epss
scoring_elements 0.7043
published_at 2026-04-11T12:55:00Z
10
value 0.00635
scoring_system epss
scoring_elements 0.70414
published_at 2026-04-12T12:55:00Z
11
value 0.00635
scoring_system epss
scoring_elements 0.704
published_at 2026-04-13T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2020-1771
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1771
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1771
5
reference_url https://lists.debian.org/debian-lts-announce/2023/08/msg00040.html
reference_id
reference_type
scores
url https://lists.debian.org/debian-lts-announce/2023/08/msg00040.html
6
reference_url https://otrs.com/release-notes/otrs-security-advisory-2020-08/
reference_id
reference_type
scores
url https://otrs.com/release-notes/otrs-security-advisory-2020-08/
7
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:otrs:otrs:*:*:*:*:*:*:*:*
reference_id cpe:2.3:a:otrs:otrs:*:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:otrs:otrs:*:*:*:*:*:*:*:*
8
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:otrs:otrs:*:*:*:*:community:*:*:*
reference_id cpe:2.3:a:otrs:otrs:*:*:*:*:community:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:otrs:otrs:*:*:*:*:community:*:*:*
9
reference_url https://nvd.nist.gov/vuln/detail/CVE-2020-1771
reference_id CVE-2020-1771
reference_type
scores
0
value 3.5
scoring_system cvssv2
scoring_elements AV:N/AC:M/Au:S/C:N/I:P/A:N
1
value 4.6
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:N
2
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
url https://nvd.nist.gov/vuln/detail/CVE-2020-1771
fixed_packages
0
url pkg:deb/debian/otrs2@6.0.27-1?distro=bullseye
purl pkg:deb/debian/otrs2@6.0.27-1?distro=bullseye
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/otrs2@6.0.27-1%3Fdistro=bullseye
1
url pkg:deb/debian/otrs2@6.0.32-6?distro=bullseye
purl pkg:deb/debian/otrs2@6.0.32-6?distro=bullseye
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/otrs2@6.0.32-6%3Fdistro=bullseye
aliases CVE-2020-1771
risk_score 2.5
exploitability 0.5
weighted_severity 4.9
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-sxy7-tjmp-qbh2
Risk_scorenull
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:deb/debian/otrs2@6.0.27-1%3Fdistro=bullseye