CVE-2016-5843
CRITICAL9.4EPSS 0.67%Published: 9/17/2016Modified: 11/19/2025
Description
Multiple SQL injection vulnerabilities in the FAQ package 2.x before 2.3.6, 4.x before 4.0.5, and 5.x before 5.0.5 in Open Ticket Request System (OTRS) allow remote attackers to execute arbitrary SQL commands via crafted search parameters.
Affected packages (1)
- Alpine/gst-plugins-bad1from 0, < 1.8.3-r0
CVSS scores
| Source | Version | Severity | Vector |
|---|---|---|---|
| osv | CVSS 3.1 | CRITICAL9.4 | CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:L |