Security Advisories

Dear reader,

The following security fix/es was/were made:

OTRS Security Advisory 2022-12

ID: OSA-2022-12

Date: 2022-09-05

Title: Perl Code execution in Template Toolkit

Severity: 6.8 MEDIUM

Product: ((OTRS)) Community Edition 6.0.x, OTRS 7.0.x, OTRS 8.0.x

Fixed in: OTRS 8.0.25, OTRS 7.0.37,

FULL CVSS v3.1 VECTOR: CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H

References: CVE-2022-39051

OTRS Security Advisory 2022-11

ID: OSA-2022-11

Date: 2022-09-05

Title: Possible XSS stored in customer information

Severity: 4.6. MEDIUM

Product: ((OTRS)) Community Edition 6.0.x, OTRS 7.0.x, OTRS 8.0.x

Fixed in: OTRS 7.0.37, OTRS 8.0.25

FULL CVSS v3.1 VECTOR: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:N

References: CVE-2022-39050

OTRS Security Advisory 2022-10

ID: OSA-2022-10

Date: 2022-09-05

Title: Possible XSS in Admin Interface

Severity: 3.5 LOW

Product: ((OTRS)) Community Edition 6.0.x, OTRS 7.0.x, OTRS 8.0.x

Fixed in: OTRS 7.0.37, OTRS 8.0.25

FULL CVSS v3.1 VECTOR: CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:L/I:L/A:N

References: CVE-2022-39049

To read the entire Security Advisory/Advisories, please follow this link:
https://otrs.com/overview-release-notes-security-advisories/security-advisories/

Kind regards,
Your OTRS release team

Subscribe to the OTRS Newsletter.

Read about OTRS service management solutions, product features, and interesting tips from our experts every month. Simply select your desired language.

Visit www.otrs.com or contact us.