SUSE CVE-2013-2625

An Access Bypass issue exists in OTRS Help Desk before 3.2.4, 3.1.14, and 3.0.19, OTRS ITSM before 3.2.3, 3.1.8, and 3.0.7, and FAQ before 2.2.3, 2.1.4, and 2.0.8. Access rights by the object linking mechanism is not verified...

OTRS FAQ Module - Persistent XSS

The OTRS ITSM FAQ Module 3.2.x and below is vulnerable to a persistant XSS that permit some client side attack like cookies grabbing. OTRS http://www.otrs.com is a flexible Help Desk and IT-Service Management Software distribuited as opensource project AGPL License and also as-a-service. WIth a...