|
Message-ID: <1390990488.513834.821092246.4792691.27@portal.otrs.com> Date: Wed, 29 Jan 2014 10:14:48 +0000 From: Jens Bothe via OTRS Security Team <security@...s.org> To: carnil@...ian.org CC: pmatthaei@...ian.org, oss-security@...ts.openwall.com Subject: Re: [Ticket#2014012942020471] CVE Request: otrs: CSRF issue in customer web interface Hi, 2014-01-29 10:58 (+1) - Salvatore Bonaccorso wrote: A CSRF issue in otrs was announced in [1]. Is a CVE for this issue already assigned? For the OSA-2014-01 we don't have a CVE, just the OTRS Bug report. Regards, Jens Bothe -- OTRS AG Norsk-Data-Straße 1 61352 Bad Homburg T: +49 (0) 6172 681988 0 F: +49 (0) 9421 56818 18 E: [1]sales@...s.com I: [2]http://www.otrs.com/ Business location: Bad Homburg, Country Court: Bad Homburg, HRB 10751, VAT ID: DE256610065 Chairman: Burchard Steinbild, Managing Board: André Mindermann (CEO), Christopher Kuhn, Sabine Riedel Easier Planning and Improved Overviews - Enhance your Service Management with OTRS 3.3 - [3]Download and Test the Stable Release Now! [1] mailto:sales@...s.com [2] http://www.otrs.com/ [3] https://www.otrs.com/new-in-otrs-3-3/ Content of type "text/html" skipped Download attachment "pgp_sign.asc" of type "application/pgp-signature" (491 bytes)
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.