Updated otrs package fixes security vulnerability
Publication date: 02 Mar 2014Modification date: 02 Mar 2014
Type: security
Affected Mageia releases : 3 , 4
CVE: CVE-2014-1695
Description
An attacker could send a specially prepared HTML email to OTRS. If he can then trick an agent into following a special link to display this email, JavaScript code would be executed (CVE-2014-1695).
References
SRPMS
3/core
- otrs-3.2.15-1.mga3
4/core
- otrs-3.2.15-1.mga4