Sprache wechseln auf deutsch
Znuny Professional Services

The ((OTRS)) Community Edition Fork with long-term Support (LTS)

Overview

ZSA-2021-10

This issue was identified and reported by Stefan Härter - OTOBO.

An authenticated agent with admin permission is able to create an XSS payload to Dynamic Field validation-messages.

The issue is fixed in the current release 6.0.37 / 6.1.2 . All download links can be found in the release notes 6.0.37 / release notes 6.1.2.

Please update as soon as possible.