Security Advisories Dear reader, The following security fix/es was/were made: OTRS Security Advisory 2023-04 ID: OSA-2023-04 Date: 2023-06-27 Title: Host header injection by attachments in web service Severity: 6.3 MEDIUM Product: ((OTRS)) Community Edition 6.0.x, OTRS 7.0.x, OTRS 8.0.x Fixed in: OTRS 7.0.45, OTRS 8.0.35 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L References: CVE-2023-38060 OTRS Security Advisory 2023-05 ID: OSA-2023-05 Date: 2023-06-29 Title: Code execution via System Configuration Severity: 7.2 HIGH Product: ((OTRS)) Community Edition 6.0.x, OTRS 7.0.x, OTRS 8.0.x Fixed in: OTRS 7.0.45, OTRS 8.0.35 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H References: CVE-2023-38056 OTRS Security Advisory 2023-06 ID: OSA-2023-06 Date: 2023-07-24 Title: Possible XSS stored in survey answers Severity: 4.1 MEDIUM Product: Survey 6.0.x, Survey 7.0.x, Survey 8.0.x Fixed in: Survey 7.0.32, Survey 8.0.13 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:N/I:L/A:N References: CVE-2023-38057 OTRS Security Advisory 2023-07 ID: OSA-2023-07 Date: 2023-07-24 Title: Tickets can be moved without permission Severity: 4.1 MEDIUM Product: OTRS 8.0.x Fixed in: OTRS 8.0.35 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:N/I:L/A:N References: CVE-2023-38058 To read the entire Security Advisory/Advisories, please follow this link: https://otrs.com/overview-release-notes-security-advisories/security-advisor... https://pg183.keap-link011.com/v2/click/6fb2d7645c3a9007f68835596c8b836c/eJy... Kind regards, Your OTRS release team https://pg183.keap-link011.com/v2/click/f77fb911440f3bedc8a2c68cc94b7550/eJy... Subscribe to the OTRS Newsletter. Read about OTRS service management solutions, product features, and interesting tips from our experts every month. Simply select your desired language. German https://pg183.keap-link011.com/v2/click/0f9a2178ada66f1328ad59b5045e6750/eJy... English https://pg183.keap-link011.com/v2/click/05a1d2538d57ef52056db7deaf1a943d/eJy... Spanish https://pg183.keap-link011.com/v2/click/a023a9204849aa837b442c3134299286/eJy... Portuguese https://pg183.keap-link011.com/v2/click/4a3696f7a45e3a5e5d7b60c4f8424c0a/eJy... https://www.facebook.com/OTRSGroup/ https://twitter.com/otrsgroup https://www.linkedin.com/company/154779 https://www.youtube.com/channel/UCHdOAyuwwkkk5ko_vy0X8_g https://www.instagram.com/otrs_group/ Visit www.otrs.com https://pg183.keap-link011.com/v2/click/2eecf811a3804f82cb625cb3c5079f9e/eJy... or contact us. https://pg183.keap-link011.com/v2/click/bff39be1cc9150dee01368fba8cd980b/eJy... OTRS AG Zimmersmühlenweg 11 61440 Oberursel Germany +49 6172 681988 0