+++++++++++++++++++++++++ OTRS Security Advisory 2012-03 OTRS 3.1.11 +++++++++++++++++++++++

Release:		OTRS Help Desk 3.1.11
Release date:		16-October-2012
Status:                 Patch Level Release


SECURITY FIXES:
============== 

------------------------------------------------------------------
OTRS Security Advisory 2012-03		<security at otrs.org>
------------------------------------------------------------------
ID: 			OSA-2012-03
Date: 			2012-10-16
Title: 			XSS vulnerability
Severity: 		Low (Overall CVSS Score: 3.9) 
Affected:		OTRS Help Desk 2.4.x, OTRS Help Desk 3.0.x, OTRS Help Desk 3.1.x
Fixed in: 		OTRS 2.4.15, 3.0.17, 3.1.11
URL: 			http://www.otrs.com/en/open-source/community-news/security-advisories/security-advisory-2012-03/
FULL CVSS v2 VECTOR:	AV:N/AC:L/AU:N/C:N/I:P/A:N/E:POC/RL:OF/RC:C/CDP:ND/TD:ND/CR:ND/IR:ND/AR:ND 
References:		CVE-2012-4751, VU#603276 
		

To read the entire Security Advisory please follow this link.

http://www.otrs.com/en/open-source/community-news/security-advisories/security-advisory-2012-03/

There will also be Release Notes for the newest versions of OTRS Help Desk, where this vulnerability is fixed and we recommend an update to one of these new versions.

Best regards

Josephine Günther
----
Marketing Manager

OTRS AG
Norsk-Data-Straße 1
61352 Bad Homburg
Germany

 

T: +49 (0) 6172 681988 0
F: +49 (0) 9421 56818 18
I:  http://www.otrs.com/

Business location: Bad Homburg, Country Court: Bad Homburg, HRB 10751, VAT ID: DE256610065
Chairman: Burchard Steinbild, Managing Board: André Mindermann (CEO), Christopher Kuhn, Sabine Riedel


It's raining ... OTRS Feature Add-Ons:  Choose up to 10  OTRS Feature Add-Ons for free and get direct support from the creators of OTRS  – Become a Subscription customer now !