+++++++++++++++++++++++++ OTRS Security Advisory 2012-03 OTRS 3.1.11 ++ +++++++++++++++++++++ Release: OTRS Help Desk 3.1.11 Release date: 16-October-2012 Status: Patch Level Release SECURITY FIXES: ============== ------------------------------------------------------------------ OTRS Security Advisory 2012-03 <security at otrs.org> ------------------------------------------------------------------ ID: OSA-2012-03 Date: 2012-10-16 Title: XSS vulnerability Severity: Low (Overall CVSS Score: 3.9) Affected: OTRS Help Desk 2.4.x, OTRS Help Desk 3.0.x, OTRS Help Desk 3.1.x Fixed in: OTRS 2.4.15, 3.0.17, 3.1.11 URL: http://www.otrs.com/en/open-source/community-news/security-advisories/securi... FULL CVSS v2 VECTOR: AV:N/AC:L/AU:N/C:N/I:P/A:N/E:POC/RL:OF/RC:C/ CDP:ND/TD:ND/CR:ND/IR:ND/AR:ND References: CVE-2012-4751, VU#603276 To read the entire Security Advisory please follow this link. http://www.otrs.com/en/open-source/community-news/security-advisories/securi... There will also be Release Notes for the newest versions of OTRS Help Desk, where this vulnerability is fixed and we recommend an update to one of these new versions. Best regards Josephine Günther ---- Marketing Manager OTRS AG Norsk-Data-Straße 1 61352 Bad Homburg Germany T: +49 (0) 6172 681988 0 F: +49 (0) 9421 56818 18 I: http://www.otrs.com/ Business location: Bad Homburg, Country Court: Bad Homburg, HRB 10751, VAT ID: DE256610065 Chairman: Burchard Steinbild, Managing Board: André Mindermann (CEO), Christopher Kuhn, Sabine Riedel It's raining ... OTRS Feature Add-Ons: Choose up to 10 OTRS Feature Add-Ons for free and get direct support from the creators of OTRS – Become a Subscription customer now !