Security Advisory 2010-02 – Multiple XSS and denial of service vulnerabilities

September 2010

September 15, 2010 — Please read carefully and check if the version of your OTRS system is affected by this vulnerability. Report a Vulnerability: security@otrs.org Recommended Resolution This vulnerability is fixed in OTRS Help Desk 2.4.8 as well as OTRS Help Desk 2.3.6 and it is recommended to upgrade to these higher versions. Fixed OTRS releases can be found at:

Read More

Security Advisory 2010-01 – Vulnerability in OTRS-Core allows SQL injection

February 2010

February 8, 2010 — Please read carefully and check if the version of your OTRS system is affected by this vulnerability. Report a Vulnerability: security@otrs.org Recommended Resolution These vulnerabilities are fixed in OTRS 2.1.9, OTRS 2.2.9, OTRS 2.3.5 and OTRS 2.4.7, and it is recommended to upgrade to one of these versions. Fixed OTRS releases

Read More

Security Advisory 2008-01 – Vulnerability in OTRS SOAP interface allows remote access without valid SOAP user

March 2008

March 31, 2008 — Please read carefully and check if the version of your OTRS system is affected by this vulnerability. Report a Vulnerability: security@otrs.org Recommended Resolution This vulnerability is fixed in OTRS 2.1.8 and OTRS 2.2.6, and it is recommended to upgrade to one of these versions. Fixed OTRS releases can be found at:

Read More

Security Advisory 2007-01 – Vulnerability in OTRS agent mailbox view allows Cross-Site-Scripting

May 2007

May 24, 2007 — Please read carefully and check if the version of your OTRS system is affected by this vulnerability. Report a Vulnerability: security@otrs.org Recommended Resolution This vulnerability is fixed in OTRS 2.0.5, and it is recommended to upgrade to this version. Workaround Next to upgrading to the mentioned fixed releases, a workaround is

Read More

Security Advisory 2005-01 – Vulnerabilities in OTRS-Core allows SQL-Injection and Cross-Site-Scripting

November 2005

November 22, 2005 — Please read carefully and check if the version of your OTRS system is affected by this vulnerability. Report a Vulnerability: security@otrs.org Recommended Resolution These vulnerabilities are fixed in OTRS 2.0.4 and OTRS 1.3.3, and it is recommended to upgrade to one of these versions. Workaround As a workaround for vulnerability #2

Read More