7 matches found
OPENSUSE-SU-2020:1888-1 Security update for otrs
This update for otrs fixes the following issues: - otrs was updated to 6.0.30 OSA-2020-14 boo1178434 - CVE-2020-11022, CVE-2020-11023: Vulnerability in third-party library - jquery OTRS uses jquery version 3.4.1, which is vulnerable to cross-site scripting XSS...
openSUSE Security Update : otrs (openSUSE-2020-551)
Otrs was updated to 5.0.42, fixing lots of bugs and security issues : https://community.otrs.com/otrs-community-edition-5s-patch-level-42/ - CVE-2020-1773 boo1168029 OSA-2020-10 : - Session / Password / Password token leak An attacker with the ability to generate session IDs or password reset...
openSUSE Security Update : otrs (openSUSE-2019-973)
This update for otrs fixes the following issues : Update to version 4.0.33. Security issues fixed : - CVE-2018-19141: Fixed privilege escalation, that an attacker who is logged into OTRS as an admin user cannot manipulate the URL to cause execution of JavaScript in the context of OTRS. -...
Security update for otrs (moderate)
This update for otrs fixes the following issues: Update to version 4.0.33. Security issues fixed: - CVE-2018-19141: Fixed privilege escalation, that an attacker who is logged into OTRS as an admin user cannot manipulate the URL to cause execution of JavaScript in the context of OTRS. -...
openSUSE Security Update : otrs (openSUSE-2018-1106)
This update for otrs to version 4.0.32 fixes the following issues : These security issues were fixed : - CVE-2018-16586: An attacker could have sent a malicious email to an OTRS system. If a logged in user opens it, the email could have caused the browser to load external image or CSS resources...
openSUSE Security Update : otrs (openSUSE-SU-2012:1214-1)
fix a XSS vulnerability: bnc778655 CVE-2012-4600 - update to 2.4.14 openSUSE 11.4 fix for OSA-2012-02, http://otrs.org/advisory/ - Improved HTML security filter to detect tag nesting. - update to 3.0.16 openSUSE 12.1 fix for OSA-2012-02, http://otrs.org/advisory/ - Improved HTML security filter...
MGASA-2014-0194 Updated otrs packages fix multiple vulnerabilities
Updated otrs package fixes security vulnerabilities: A logged in attacker could insert special content in dynamic fields, leading to JavaScript code being executed in OTRS CVE-2014-2553. An attacker could embed OTRS in a hidden iframe tag of another page, tricking the user into clicking links in...