Advisories ยป MGASA-2014-0114

Updated otrs package fixes security vulnerability

Publication date: 02 Mar 2014
Type: security
Affected Mageia releases : 3 , 4
CVE: CVE-2014-1695

Description

An attacker could send a specially prepared HTML email to OTRS. If he can
then trick an agent into following a special link to display this email,
JavaScript code would be executed (CVE-2014-1695).
                

References

SRPMS

4/core

3/core