Author: core
Description:
Details here:
http://otrs-wiki.wikimedia.org/wiki/Volunteers%27_noticeboard#Security_vulnerability
Version: unspecified
Severity: critical
URL: http://ticket.wikimedia.org
Author: core
Description:
Details here:
http://otrs-wiki.wikimedia.org/wiki/Volunteers%27_noticeboard#Security_vulnerability
Version: unspecified
Severity: critical
URL: http://ticket.wikimedia.org
scream wrote:
Reported upstream to the OTRS security contact. I'll post here the result. Also, I've informed TStarling of the upstream report, just in case this *is* a local configuration issue.
gnu1742 wrote:
Could any information about the progress of this bug be posted on the otrs-wiki? This is a security-issue concerning the privacy of all OTRS-Agents, so a mere 'Resolved, Resolution Later' is a bit poor as the only progress within 2 weeks.
What's the status on this?
I'd like to assume whatever it was got fixed, but... asking is better.
I would file a followup in the internal RT tracker, but my password appears to have been lost and there's no reset system so I can't get in.
Maybe it would help to update OTRS to the latest version *hides* It's on the xmas wishlist of the OTRS team.
Bumping up priority, though I'm not sure what the issue is since I don't currently have access to OTRS wiki.
...and after further investigation, it appears this one was fixed shortly after it was reported.