CVE-2018-10198

An issue was discovered in OTRS 6.0.x before 6.0.7. An attacker who is logged into OTRS as a customer can use the ticket overview screen to disclose internal article information of their customer tickets. > MITRE Terms of Use apply – see LICENSE‑MITRE.txt