+++++++++ Security Advisory 2020-03: Security Update for OTRS Framework +++++++++ Releases: OTRS 7.0.x, OTRS 6.0.x, Release date: 10-January-2020 Status: Patch Level Release SECURITY FIXES: ============== ------------------------------------------------------------------ OTRS Security Advisory 2020-03 <security at otrs.org> ------------------------------------------------------------------ ID: OSA-2020-03 Date: 2020-01-10 Title: Possible to send drafted messages as wrong agent Severity: 3.5 LOW Product: OTRS 7.0.x, OTRS 6.0.x Fixed in: OTRS 7.0.14, OTRS 6.0.25 References: CVE-2020-1767 To read the entire Security Advisory please follow this link. https://community.otrs.com/security-advisory-2020-03/ +++++++++ Security Advisory 2020-02: Security Update for OTRS Framework +++++++++ Releases: OTRS 7.0.x, OTRS 6.0.x, OTRS 5.0.x Release date: 10-January-2020 Status: Patch Level Release SECURITY FIXES: ============== ------------------------------------------------------------------ OTRS Security Advisory 2020-02 <security at otrs.org> ------------------------------------------------------------------ ID: OSA-2020-02 Date: 2020-01-10 Title: Improper handling of uploaded inline images Severity: 2.0 LOW Product: OTRS 7.0.x, OTRS 6.0.x, OTRS 5.0.x Fixed in: OTRS 7.0.14, OTRS 6.0.25,, OTRS 5.0.40 References: CVE-2020-1766 To read the entire Security Advisory please follow this link. https://community.otrs.com/security-advisory-2020-02/ +++++++++ Security Advisory 2020-01: Security Update for OTRS Framework +++++++++ Releases: OTRS 7.0.x, OTRS 6.0.x, OTRS 5.0.x Release date: 10-January-2020 Status: Patch Level Release SECURITY FIXES: ============== ------------------------------------------------------------------ OTRS Security Advisory 2020-01 <security at otrs.org> ------------------------------------------------------------------ ID: OSA-2020-01 Date: 2020-01-10 Title: Spoofing of From field in several screens Severity: 3.5. LOW Product: OTRS 7.0.x, OTRS 6.0.x, OTRS 5.0.x Fixed in: OTRS 7.0.14, OTRS 6.0.25,, OTRS 5.0.40 References: CVE-2020-1765 To read the entire Security Advisory please follow this link. https://community.otrs.com/security-advisory-2020-01/ Best regards Bernd Maus — Online Marketing Manager OTRS AG Zimmersmühlenweg 11 61440 Oberursel Germany T: +49 6172 681988-44 F: +49 9421 56818-18 I: https://www.otrs.com/ Business location: Oberursel, Country Court: Bad Homburg, HRB 10751, VAT ID: DE256610065 Chairman: Burchard Steinbild, Managing Board: André Mindermann (CEO), Christopher Kuhn, Sabine Riedel OTRS 7 | Automation • Agility • Communication • Transparency Find out more OTRS is a SERVIEW CERTIFIEDTOOL.