[announce] OTRS Security Advisory 2015-03 FAQ 5.0.2 (OTRS 5), FAQ 4.0.3. (OTRS 4), FAQ 2.3.4 (OTRS 3.3)

Tue, 01 Dec 2015 04:31:48 -0800 

+++++++++ OTRS Security Advisory 2015-03 FAQ 5.0.2 (OTRS 5), FAQ 4.0.3. (OTRS 
4), FAQ 2.3.4 (OTRS 3.3) +++++++++

Releases:               FAQ 5.0.2 (OTRS 5), FAQ 4.0.3 (OTRS 4), FAQ 2.3.4 (OTRS 
3.3)
Release date:           01-December-2015
Status:                 Patch Level Release


SECURITY FIXES:
==============

------------------------------------------------------------------
OTRS Security Advisory 2015-03          <security at otrs.org 
<mailto:[email protected]>>
------------------------------------------------------------------
ID:             OSA-2015-03
Date:           2015-11-24
Title:          Vulnerability in OTRS FAQ allows user with valid agent login to 
inject JavaScript code (XSS)
Severity:       3.7 (Low)
Fixed in:       FAQ 5.0.2 (OTRS 5), FAQ 4.0.3 (OTRS 4), FAQ 2.3.4 (OTRS 3.3)
URL:            
https://www.otrs.com/security-advisory-2015-03-vulnerability-discovered-in-otrs-faq-package/
 
<https://www.otrs.com/security-advisory-2015-03-vulnerability-discovered-in-otrs-faq-package/>
References:     CVE-2015-8372


To read the entire Security Advisory please follow this link.

https://www.otrs.com/security-advisory-2015-03-vulnerability-discovered-in-otrs-faq-package/
 
<https://www.otrs.com/security-advisory-2015-03-vulnerability-discovered-in-otrs-faq-package/>

Best regards

Goran Pismestrovic
—
Marketing Assistant

OTRS AG
Norsk-Data-Straße 1
61352 Bad Homburg
Deutschland

T: +49 (0) 6172 681988 0
F: +49 (0) 9421 56818 18
I:  http://www.otrs.com/ <http://www.otrs.com/>

Business location: Bad Homburg, Country Court: Bad Homburg, HRB 10751, VAT ID: 
DE256610065
Chairman: Burchard Steinbild, Managing Board: André Mindermann (CEO), 
Christopher Kuhn, Sabine Riedel

Mobile communication and transparent processes -  With the OTRS Business 
Solution™ 5 Managed you can start fast and without your own IT resources - 
Discover the new features and order here 
<https://www.otrs.com/new-in-otrs-business-solution-5-mobile-communication-transparent-processes/?utm_id=144>

Attachment: signature.asc
Description: Message signed with OpenPGP using GPGMail

---------------------------------------------------------------------
OTRS mailing list: announce - Webpage: http://otrs.org/
Archive: http://lists.otrs.org/pipermail/announce
To unsubscribe: http://lists.otrs.org/cgi-bin/listinfo/announce

Reply via email to