oss-sec mailing list archives

Re: CVE Request: otrs: CSRF issue in customer web interface

From: cve-assign () mitre org
Date: Wed, 29 Jan 2014 14:14:10 -0500 (EST)

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

We coordinated this separately with the upstream vendor, and the
outcome was:

CVE-2014-1471 = https://www.otrs.com/security-advisory-2014-02-sql-injection-issue/

CVE-2014-1694 = https://www.otrs.com/security-advisory-2014-01-csrf-issue-customer-web-interface/

- -- 
CVE assignment team, MITRE CVE Numbering Authority
M/S M300
202 Burlington Road, Bedford, MA 01730 USA
[ PGP key available through http://cve.mitre.org/cve/request_id.html ]
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.14 (SunOS)

iQEcBAEBAgAGBQJS6VKOAAoJEKllVAevmvmsCPIIALtbtthzewyLGa4sQp/CRC29
8oMYwQa+AjdUSfBXZnrxZ8BqL4rQZ1y/WTHAVwUNWTInOxUXUlhGh+kIi0SXtKT6
aDvi8rl3NYfU56j1wMe2VQVWe4QlzPJMlBhqhymZG0cEy0wY8tcDmXC7LkkKOUkF
G0iQXeNkLBg+A8Z3EyxfSTBoLvh2AOViC3gdyNRpUXSMK2p1rwvmphygbxiIeoGZ
xfpvpBKDDUqlsnt27irLuQzKWyFhKSfV9hpwX5bRymb30JfMxA31zeTxfuybos/9
ZSnRc+E5KsJTPq+viT0kGKoyRyeopVl1z68CqhlOub3R+D+r5mHW4RL8Jeldj1U=
=m2SP
-----END PGP SIGNATURE-----

Current thread:

CVE Request: otrs: CSRF issue in customer web interface Salvatore Bonaccorso (Jan 29)
- Re: [Ticket#2014012942020471] CVE Request: otrs: CSRF issue in customer web interface Jens Bothe via OTRS Security Team (Jan 29)
- Re: CVE Request: otrs: CSRF issue in customer web interface cve-assign (Jan 29)