Advisories ยป MGASA-2013-0196

Updated otrs package fixes security vulnerabilities

Publication date: 01 Jul 2013
Modification date: 01 Jul 2013
Type: security
Affected Mageia releases : 2 , 3
CVE: CVE-2013-3551 , CVE-2013-4088

Description

An attacker with a valid agent login could manipulate URLs in the ticket
watch mechanism to see contents of tickets they are not permitted to see
(CVE-2013-3551, CVE-2013-4088).

References

SRPMS

3/core

2/core