Sprache wechseln auf deutsch
Znuny Professional Services

The ((OTRS)) Community Edition Fork with long-term Support (LTS)



Sorry to disturb your holiday preparations, but there is an SQL injection vulnerability in Kernel::System::Ticket::TicketSearch, which can be exploited using the web service operation "TicketSearch".

We released a fix for the versions Znuny 6.0 LTS and Znuny 6.4.

If you can't perform a patch level update right now, we also released patched files which can be found here:

Thanks to "Tim Püttmanns (maxence.de)" for reporting.