Security Advisories

Dear reader,

The following security fixes were made:

OTRS Security Advisory 2020-15

ID: OSA-2020-15
Date: 2020-10-12
Title: Agent names disclosed in chat feature.
Severity: 4.3 MEDIUM
Product: OTRS 8.0.x, OTRS 7.0.x
Fixed in: OTRS 8.0.7, OTRS 7.0.22
FULL CVSS v3.1 VECTOR: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N
References: CVE-2020-1777

OTRS Security Advisory 2020-14

ID: OSA-2020-14
Date: 2020-10-12
Title: Vulnerability in third-party library - jquery
Severity: 6.3 MEDIUM, 6.5 MEDIUM
Product: OTRS 8.0.x, OTRS 7.0.x, OTRS 6.0.x
Fixed in: OTRS 8.0.7, OTRS 7.0.22, OTRS 6.0.30
FULL CVSS v3.1 VECTOR: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L/E:U/RL:O/RC:C, CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:R
References: CVE-2020-11023, CVE-2020-11022

To read the entire Security Advisory/Advisories, please follow this link:
https://otrs.com/overview-release-notes-security-advisories/security-advisories/

Kind regards,
Your OTRS release team

Visit www.otrs.com or contact us.

OTRS AG

Zimmersmühlenweg 11
61440 Oberursel
Germany
+49 6172 681988 0