+++++++++ OTRS Security Advisory 2015-03 FAQ 5.0.2 (OTRS 5), FAQ 4.0.3. (OTRS 4), FAQ 2.3.4 (OTRS 3.3) +++++++++

Releases: FAQ 5.0.2 (OTRS 5), FAQ 4.0.3 (OTRS 4), FAQ 2.3.4 (OTRS 3.3)
Release date: 01-December-2015

Status: Patch Level Release

SECURITY FIXES:

==============

------------------------------------------------------------------

OTRS Security Advisory 2015-03 <security at otrs.org>

------------------------------------------------------------------

ID: OSA-2015-03

Date: 2015-11-24

Title: Vulnerability in OTRS FAQ allows user with valid agent login to inject JavaScript code (XSS)

Severity: 3.7 (Low)

Fixed in: FAQ 5.0.2 (OTRS 5), FAQ 4.0.3 (OTRS 4), FAQ 2.3.4 (OTRS 3.3)
URL: https://www.otrs.com/security-advisory-2015-03-vulnerability-discovered-in-otrs-faq-package/

References: CVE-2015-8372

To read the entire Security Advisory please follow this link.

https://www.otrs.com/security-advisory-2015-03-vulnerability-discovered-in-otrs-faq-package/

Best regards

Goran Pismestrovic
—
Marketing Assistant

OTRS AG
Norsk-Data-Straße 1
61352 Bad Homburg
Deutschland

T: +49 (0) 6172 681988 0
F: +49 (0) 9421 56818 18
I: http://www.otrs.com/

Business location: Bad Homburg, Country Court: Bad Homburg, HRB 10751, VAT ID: DE256610065
Chairman: Burchard Steinbild, Managing Board: André Mindermann (CEO), Christopher Kuhn, Sabine Riedel

Mobile communication and transparent processes - With the OTRS Business Solution™ 5 Managed you can start fast and without your own IT resources - Discover the new features and order here