+++++++++ OTRS Security Advisory 2014-03 OTRS Help Desk 3.3.5, 3.2.15, 3.1.20 +++++++++ Releases: OTRS Help Desk 3.3.5, 3.2.15, 3.1.20 Release date: 25-February-2014 Status: Patch Level Release SECURITY FIXES: ============== ------------------------------------------------------------------ OTRS Security Advisory 2014-03 <security at otrs.org> ------------------------------------------------------------------ ID: OSA-2014-03 Date: 2014-02-25 Title: XSS Issue Severity: Low (Overall CVSS Score: 3.4) Fixed in: OTRS Help Desk 3.3.5 3.2.15, 3.1.20 URL: https://www.otrs.com/security-advisory-2014-03-xss-issue/ CVE: CVE-2014-1695 https://www.otrs.com/security-advisory-2014-03-xss-issue/ There will also be Release Notes for the newest versions of OTRS Help Desk and OTRS::ITSM, where this vulnerability is fixed and we recommend an update to one of these new versions. Best regards Annalena Navarro von Starck Marketing Assistant OTRS AG Norsk-Data-Straße 1 61352 Bad Homburg Germany T: +49 (0) 6172 681988 0 F: +49 (0) 9421 56818 18 I: http://www.otrs.com/ Business location: Bad Homburg, Country Court: Bad Homburg, HRB 10751, VAT ID: DE256610065 Chairman: Burchard Steinbild, Managing Board: André Mindermann (CEO), Christopher Kuhn, Sabine Riedel