Updated otrs package fixes security vulnerabilities

2013-07-01T19:16:22
ID MGASA-2013-0196
Type mageia
Reporter Gentoo Foundation
Modified 2013-07-01T19:16:22

Description

An attacker with a valid agent login could manipulate URLs in the ticket watch mechanism to see contents of tickets they are not permitted to see (CVE-2013-3551, CVE-2013-4088).