MDVSA-2015:043: otrs

Updated otrs package fixes security vulnerability:

An attacker with valid OTRS credentials could access and manipulate
ticket data of other users via the GenericInterface, if a ticket
webservice is configured and not additionally secured (CVE-2014-9324).

Leave a Reply