Security Advisories Dear reader, The following security fix/es was/were made: OTRS Security Advisory 2021-10 ID: OSA-2021-10 Date: 2021-07-26 Title: Support Bundle includes S/Mime and PGP keys Severity: 5.2 MEDIUM Product: OTRS 8.0.x, OTRS 7.0.x Fixed in: OTRS 8.0.15, OTRS 7.0.28 FULL CVSS v3.1 VECTOR: CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:H/I:L/A:N References: CVE-2021-21440 OTRS Security Advisory 2021-12 ID: OSA-2021-12 Date: 2021-07-26 Title: XSS vulnerability in Time Accounting Severity: 4.5. MEDIUM Product: TimeAccounting 7.0.x Fixed in: TimeAccounting 7.0.20 FULL CVSS v3.1 VECTOR: CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:H/I:N/A:N References: CVE-2021-21442 OTRS Security Advisory 2021-13 ID: OSA-2021-13 Date: 2021-07-26 Title: Unautorized listing of the customer user emails Severity: 3.5 LOW Product: OTRS 7.0.x, OTRS 6.0.x, Fixed in: OTRS 7.0.28 FULL CVSS v3.1 VECTOR: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:N/A:N References: CVE-2021-21443 OTRS Security Advisory 2021-14 ID: OSA-2021-14 Date: 2021-07-26 Title: Unautorized access to the calendar appointments Severity: 3.5 LOW Product: OTRS 7.0.x, OTRS 6.0.x Fixed in: OTRS 7.0.28 FULL CVSS v3.1 VECTOR: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:N/A:N References: CVE-2021-36091 OTRS Security Advisory 2021-15 ID: OSA-2021-15 Date: 2021-07-26 Title: XSS attack using special link in email Severity: 6.5 MEDIUM Product: OTRS 8.0.x, OTRS 7.0.x, OTRS 6.0.x Fixed in: OTRS 8.0.15, OTRS 7.0.28 FULL CVSS v3.1 VECTOR: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N References: CVE-2021-36092 To read the entire Security Advisory/Advisories, please follow this link: https://otrs.com/overview-release-notes-security-advisories/security-advisor...  https://pg183.keap-link003.com/api/v1/click/6002577902010368/488148111209267... Kind regards, Your OTRS release team https://pg183.keap-link005.com/api/v1/click/5673301784788992/488148111209267... Subscribe to the OTRS Newsletter. Read about OTRS service management solutions, product features, and interesting tips from our experts every month. Simply select your desired language. German https://pg183.keap-link005.com/api/v1/click/5647167009456128/488148111209267... English https://pg183.keap-link005.com/api/v1/click/5153833979609088/488148111209267... Spanish https://pg183.keap-link005.com/api/v1/click/6690562406481920/488148111209267... Portuguese https://pg183.keap-link005.com/api/v1/click/6302750750408704/488148111209267... https://www.facebook.com/OTRSGroup/ https://twitter.com/otrsgroup https://www.linkedin.com/company/154779 https://www.youtube.com/channel/UCHdOAyuwwkkk5ko_vy0X8_g https://www.instagram.com/otrs_group/ Visit www.otrs.com https://pg183.keap-link005.com/api/v1/click/5125768113160192/488148111209267... or contact us.  https://pg183.keap-link005.com/api/v1/click/6349859293888512/488148111209267... OTRS AG Zimmersmühlenweg 11 61440 Oberursel Germany +49 6172 681988 0