+++++++++ OTRS Security Advisory 2014-02 OTRS Help Desk OTRS 3.3.4, 3.2.14, 3.1.19 +++++++++ Releases: OTRS Help Desk 3.3.4, 3.2.14, 3.1.19 Release date: 28-January-2014 Status: Patch Level Release SECURITY FIXES: ============== ------------------------------------------------------------------ OTRS Security Advisory 2014-02 <security at otrs.org> ------------------------------------------------------------------ ID: OSA-2014-02 Date: 2014-01-28 Title: SQL Injection issue Severity: Low (Overall CVSS Score: 3.6) Fixed in: OTRS Help Desk 3.3.4, 3.2.14, 3.1.19 URL: https://www.otrs.com/security-advisory-2014-02-sql-injection-issue/ CVE: CVE-2014-1471 To read the entire Security Advisory please follow this link. https://www.otrs.com/security-advisory-2014-02-sql-injection-issue/ There will also be Release Notes for the newest versions of OTRS Help Desk and OTRS ITSM, where this vulnerability is fixed and we recommend an update to one of these new versions. Best regards Annalena Navarro von Starck Marketing Assistant OTRS AG Norsk-Data-Straße 1 61352 Bad Homburg Germany T: +49 (0) 6172 681988 0 F: +49 (0) 9421 56818 18 I: http://www.otrs.com/ Business location: Bad Homburg, Country Court: Bad Homburg, HRB 10751, VAT ID: DE256610065 Chairman: Burchard Steinbild, Managing Board: André Mindermann (CEO), Christopher Kuhn, Sabine Riedel