Switch language to english
Znuny Professional Services

Der ((OTRS)) Community Edition Fork mit Langzeit-Support (LTS)

Überblick

ZSA-2021-01

Date
2021-01-27
Affected
all OTRS Versions <= 6.0.30
Severity
low
CVE
CVE-2018-17960

There are several XSS vulnerabilities in CKEditor prior Version 4.15.1.
Those could be used to collect cookie-/session- and other sensitive information from
a user.

The issue is fixed in the current stable release Znuny 6.0.31. An update is recommended.

Please see the release notes of the CKEDitor for more detailed information.