+++++++++ Security Advisory 2020-10: Security Update for OTRS Framework +++++++++ Releases: OTRS 7.0.x, ((OTRS)) Community Edition 6.0.x, ((OTRS)) Community Edition 5.0.x Release date: 27-March-2020 Status: Patch Level Release SECURITY FIXES: ============== ------------------------------------------------------------------ OTRS Security Advisory 2020-10 <security at otrs.org> ------------------------------------------------------------------ ID: OSA-2020-10 Date: 2020-03-27 Title: Session / Password token leak Severity: 7.3 HIGH Product: OTRS 7.0.x, ((OTRS)) Community Edition 6.0.x, ((OTRS)) Community Edition 5.0.x Fixed in: OTRS 7.0.16, ((OTRS)) Community Edition 6.0.27, ((OTRS)) Community Edition 5.0.42 References: CVE-2020-1773 To read the entire Security Advisory please follow this link. https://community.otrs.com/security-advisory-2020-10 +++++++++ Security Advisory 2020-09: Security Update for OTRS Framework +++++++++ Releases: OTRS 7.0.x, ((OTRS)) Community Edition 6.0.x, ((OTRS)) Community Edition 5.0.x Release date: 27-March-2020 Status: Patch Level Release SECURITY FIXES: ============== ------------------------------------------------------------------ OTRS Security Advisory 2020-09 <security at otrs.org> ------------------------------------------------------------------ ID: OSA-2020-09 Date: 2020-03-27 Title: Information Disclosure Severity: 6.5 MEDIUM Product: OTRS 7.0.x, ((OTRS)) Community Edition 6.0.x, ((OTRS)) Community Edition 5.0.x Fixed in: OTRS 7.0.16, ((OTRS)) Community Edition 6.0.27, ((OTRS)) Community Edition 5.0.42 References: CVE-2020-1772 To read the entire Security Advisory please follow this link. https://community.otrs.com/security-advisory-2020-09 +++++++++ Security Advisory 2020-08: Security Update for OTRS Framework +++++++++ Releases: OTRS 7.0.x, ((OTRS)) Community Edition 6.0.x, ((OTRS)) Community Edition 5.0.x Release date: 27-March-2020 Status: Patch Level Release SECURITY FIXES: ============== ------------------------------------------------------------------ OTRS Security Advisory 2020-08 <security at otrs.org> ------------------------------------------------------------------ ID: OSA-2020-08 Date: 2020-03-27 Title: Possible XSS in Customer user address book Severity: 4.6 MEDIUM Product: OTRS 7.0.x, ((OTRS)) Community Edition 6.0.x, Fixed in: OTRS 7.0.16, ((OTRS)) Community Edition 6.0.27, References: CVE-2020-1771 To read the entire Security Advisory please follow this link. https://community.otrs.com/security-advisory-2020-08 +++++++++ Security Advisory 2020-07: Security Update for OTRS Framework +++++++++ Releases: OTRS 7.0.x, ((OTRS)) Community Edition 6.0.x, ((OTRS)) Community Edition 5.0.x Release date: 27-March-2020 Status: Patch Level Release SECURITY FIXES: ============== ------------------------------------------------------------------ OTRS Security Advisory 2020-07 <security at otrs.org> ------------------------------------------------------------------ ID: OSA-2020-07 Date: 2020-03-27 Title: Information disclosure in support bundle files Severity: 2.4 LOW Product: OTRS 7.0.x, ((OTRS)) Community Edition 6.0.x, ((OTRS)) Community Edition 5.0.x Fixed in: OTRS 7.0.16, ((OTRS)) Community Edition 6.0.27, ((OTRS)) Community Edition 5.0.42 References: CVE-2020-1770 To read the entire Security Advisory please follow this link. https://community.otrs.com/security-advisory-2020-07 +++++++++ Security Advisory 2020-06: Security Update for OTRS Framework +++++++++ Releases: OTRS 7.0.x, ((OTRS)) Community Edition 6.0.x, ((OTRS)) Community Edition 5.0.x Release date: 27-March-2020 Status: Patch Level Release SECURITY FIXES: ============== ------------------------------------------------------------------ OTRS Security Advisory 2020-06 <security at otrs.org> ------------------------------------------------------------------ ID: OSA-2020-06 Date: 2020-03-27 Title: Autocomplete in the form login screens Severity: 3.5 LOW Product: OTRS 7.0.x, ((OTRS)) Community Edition 6.0.x, ((OTRS)) Community Edition 5.0.x Fixed in: OTRS 7.0.16, ((OTRS)) Community Edition 6.0.27, ((OTRS)) Community Edition 5.0.42 References: CVE-2020-1769 To read the entire Security Advisory please follow this link. https://community.otrs.com/security-advisory-2020-06 Bernd Maus — Online Marketing Manager OTRS AG Zimmersmühlenweg 11 61440 Oberursel Germany T: +49 6172 681988-44 F: +49 9421 56818-18 I: https://www.otrs.com/ Business location: Oberursel, Country Court: Bad Homburg, HRB 10751, VAT ID: DE256610065 Chairman: Burchard Steinbild, Managing Board: André Mindermann (CEO), Christopher Kuhn, Sabine Riedel OTRS 8 | Fast • Modern • Secure Learn more. OTRS is a SERVIEW CERTIFIEDTOOL.