CVE-2026-48189NVD

Description

An improper Input Validation vulnerability in OTRS Customer Backend module allows to access customer information which are restricted to other groups. Please note that the feature has to be anabled and CustomerGroupSupport has to be used to be affected.

This issue affects OTRS:

* 7.0.X
* 8.0.X
* 2023.X
* 2024.X
* 2025.X
* 2026.X before 2026.4.X

Severity Level

MEDIUM (5.7)

Published Date

01/06/2026

Last Modified

01/06/2026

Exploitation Status

????

References

https://otrs.com/release-notes/otrs-security-advisory-2026-03/

Critical Alert 1 Active Exploit Detected Today

CVE Watchtower

CVE-2026-48189NVD

Description

References