Sprache wechseln auf deutsch
Znuny Professional Services

The ((OTRS)) Community Edition Fork with long-term Support (LTS)

Overview

ZSA-2021-11

Date
2021-09-29
Affected
all versions of OTRS Community Edition; Znuny LTS 6.0.36, Znuny 6.1.1
Severity
low
CVE
-

This issue was identified and reported by Stefan Härter - OTOBO.

An authenticated agent with admin permission is able to create an XSS payload to Dynamic Field validation-messages.

The issue is fixed in the current release 6.0.37 / 6.1.2 . All download links can be found in the release notes 6.0.37 / release notes 6.1.2.

Please update as soon as possible.