CVE-2024-23790 Information

Description

Improper Input Validation vulnerability in the upload functionality for user avatars allows functionality misuse due to missing check of filetypes. This issue affects OTRS: from 7.0.X through 7.0.48 from 8.0.X through 8.0.37 from 2023 through 2023.1.1.

Reference

https://otrs.com/release-notes/otrs-security-advisory-2024-01/