In Znuny LTS before 6.5.21 and Znuny before 7.3.3, XSS can occur via stored user preferences.
{ "binaries": [ { "binary_name": "otrs", "binary_version": "5.0.7-1" }, { "binary_name": "otrs2", "binary_version": "5.0.7-1" } ] }
"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2026/UBUNTU-CVE-2026-50591.json"
{ "binaries": [ { "binary_name": "otrs", "binary_version": "6.0.5-1" }, { "binary_name": "otrs2", "binary_version": "6.0.5-1" } ] }
{ "binaries": [ { "binary_name": "otrs", "binary_version": "6.0.26-1" }, { "binary_name": "otrs2", "binary_version": "6.0.26-1" } ] }
{ "binaries": [ { "binary_name": "otrs2", "binary_version": "6.2.2-2" } ] }
{ "binaries": [ { "binary_name": "otrs2", "binary_version": "6.5.6-1" }, { "binary_name": "znuny", "binary_version": "6.5.6-1" } ] }
{ "binaries": [ { "binary_name": "otrs2", "binary_version": "6.5.15-2" }, { "binary_name": "znuny", "binary_version": "6.5.15-2" } ] }
{ "binaries": [ { "binary_name": "otrs2", "binary_version": "6.5.18-1" }, { "binary_name": "znuny", "binary_version": "6.5.18-1" } ] }