Security Advisory 2008-01 – Vulnerability in OTRS SOAP interface allows remote access without valid SOAP user

Mar 2008

March 31, 2008 — Please read carefully and check if the version of your OTRS system is affected by this vulnerability. Report a Vulnerability: security@otrs.org Recommended Resolution This vulnerability is fixed in OTRS 2.1.8 and OTRS 2.2.6, and it is recommended to upgrade to one of these versions. Fixed OTRS releases can be found at:

Read More

Security Advisory 2007-01 – Vulnerability in OTRS agent mailbox view allows Cross-Site-Scripting

May 2007

May 24, 2007 — Please read carefully and check if the version of your OTRS system is affected by this vulnerability. Report a Vulnerability: security@otrs.org Recommended Resolution This vulnerability is fixed in OTRS 2.0.5, and it is recommended to upgrade to this version. Workaround Next to upgrading to the mentioned fixed releases, a workaround is

Read More

Security Advisory 2005-01 – Vulnerabilities in OTRS-Core allows SQL-Injection and Cross-Site-Scripting

Nov 2005

November 22, 2005 — Please read carefully and check if the version of your OTRS system is affected by this vulnerability. Report a Vulnerability: security@otrs.org Recommended Resolution These vulnerabilities are fixed in OTRS 2.0.4 and OTRS 1.3.3, and it is recommended to upgrade to one of these versions. Workaround As a workaround for vulnerability #2

Read More