Sprache wechseln auf deutsch
Znuny Professional Services

The ((OTRS)) Community Edition Fork with long-term Support (LTS)

Overview

ZSA-2021-01

Date
2021-01-27
Affected
all OTRS Versions <= 6.0.30
Severity
low
CVE
CVE-2018-17960

There are several XSS vulnerabilities in CKEditor prior Version 4.15.1.
Those could be used to collect cookie-/session- and other sensitive information from
a user.

The issue is fixed in the current stable release Znuny 6.0.31. An update is recommended.

Please see the release notes of the CKEDitor for more detailed information.