otrs2 -- cross-site scripting

2011-05-06T00:00:00
ID DSA-2231
Type debian
Reporter Debian
Modified 2011-05-06T00:00:00

Description

Multiple cross-site scripting vulnerabilities were discovered in Open Ticket Request System (OTRS), a trouble-ticket system. (CVE-2011-1518)

In addition, this security update fix a failure when upgrading the package from lenny to squeeze.

The oldstable distribution (lenny) is not affected by this problem.

For the stable distribution (squeeze), this problem has been fixed in version 2.4.9+dfsg1-3+squeeze1.

For the unstable distribution (sid), this problem has been fixed in version 2.4.10+dfsg1-1.

We recommend that you upgrade your otrs2 packages.