DescriptionAn issue was discovered in Open Ticket Request System (OTRS) 6.0.x through 6.0.9, 5.0.x through 5.0.28, and 4.0.x through 4.0.30. An attacker who is logged into OTRS as an agent may escalate their privileges by accessing a specially crafted URL.
SUSE informationSUSE Bugzilla entry: 1103800 [RESOLVED / FIXED] SUSE Security Advisories:
- openSUSE-SU-2018:3005-1, published Thu, 4 Oct 2018 18:25:33 +0200 (CEST)
List of released packages
|Product(s)||Fixed package version(s)||References|
|SUSE Package Hub for SUSE Linux Enterprise 15|| ||Patchnames: |
|openSUSE Leap 15.0|| ||Patchnames: |