CVE-2018-14593

English news about OTRS and this board
Dont create your support topics here!
Forum rules
Dont create your support topics here!
Post Reply
jojo
Moderator
Posts: 14404
Joined: 26 Jan 2007, 14:50
OTRS Version?: Git Master
Contact:

CVE-2018-14593

Post by jojo » 31 Jul 2018, 11:07

Please be aware of a critical security patch for ((OTRS Community Edition)) in versions 4, 5 and 6 released today.

A local attacker (agent) can gain any other users permission via URL manipulation.

Please be also aware that versions prior to OTRS 4 are affected but will not be patched!
"Production": OTRS™ 6, STORM powered by OTRS
"Testing": ((OTRS Community Edition)) git Master

Never change Defaults.pm! :: Blog
Professional Services:: http://www.otrs.com :: enjoy@otrs.com :: Share your ideas

Post Reply