SECURITY ADVISORY
- PUBLISHING DATE: September 25, 2025
- RELEASE TYPE: Security Patch Release
- CRITICALITY: MEDIUM
- AFFECTED VERSION: OTOBO 11.0
Description
- [Security | medium] Fix for a potential privilege escalation via backup.pl
A potential security vulnerability has been closed which, only on systems configured to allow backup.pl to be executed with root permissions by any user (for example through a modified sudoers file), potentially enabled a command injection. On such a system, a standard user on the OTOBO server could have executed arbitrary commands with root privileges.
Standard installations are not affected.
Thanks to Diego Berger Tellaroli for reporting this issue! [#4619]
- [Security | medium] Incorrect group assignment with LDAP-Sync and Nested Group Search
We fixed an issue where users were assigned too many groups when LDAP-Sync was used with the NestedGroupSearch option enabled in the Config.pm. The cause was a bug that unconditionally passed nested groups on to users already assigned to the parent group.
Only installations that authenticate agents via LDAP, use the LDAP-Sync module, and have NestedGroupSearch enabled are affected.
Standard systems without this configuration are not affected.
Thanks to our partner FREICON for reporting this! [#4695]
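The backup.pl item above only applies to hosts where a sudoers rule lets every local user run backup.pl as root. The following is an added example (not code from the advisory or from the OTOBO project) that scans sudoers text for exactly that pattern: a rule whose user specification is `ALL` and whose command list mentions backup.pl. The install path `/opt/otobo/scripts/backup.pl`, the account name `backupadmin`, and both sudoers fragments are constructed assumptions for the demonstration. The check is a first pass only: it does not resolve `User_Alias` definitions or `%group` rules, so a rule that reaches "everyone" through an alias or a catch-all group would not be flagged.

```shell
#!/bin/sh
# Added example; not part of the OTOBO advisory or of the OTOBO code base.
# Flags sudoers rules that let every user ("ALL" as the user specification)
# run backup.pl as root, which is the configuration the advisory describes.
# The path /opt/otobo/scripts/backup.pl is an assumption about the install
# location; adjust it to your own layout.

# Constructed sudoers fragments (hypothetical, for demonstration only).
# The first grants backup.pl root execution to every local user; the second
# narrows the rule to a single dedicated account.
RISKY_SUDOERS='ALL ALL=(root) NOPASSWD: /opt/otobo/scripts/backup.pl'
NARROW_SUDOERS='backupadmin ALL=(root) NOPASSWD: /opt/otobo/scripts/backup.pl'

# flag_backup_rules reads sudoers text on stdin, prints every rule whose user
# specification is ALL and whose command list mentions backup.pl, and returns
# 1 if at least one such rule was found, 0 otherwise.
flag_backup_rules() {
    found=0
    while IFS= read -r line; do
        # Skip blank lines, comments, Defaults and alias definitions.
        case "$line" in
            ''|\#*|Defaults*|User_Alias*|Cmnd_Alias*|Host_Alias*|Runas_Alias*) continue ;;
        esac
        # Only rules that reference backup.pl are of interest.
        case "$line" in
            *backup.pl*) ;;
            *) continue ;;
        esac
        # The first whitespace-separated field is the user specification.
        set -- $line
        if [ "$1" = "ALL" ]; then
            printf 'RISKY: %s\n' "$line"
            found=1
        fi
    done
    return "$found"
}

# check_sudoers_files is what you would run as root on an OTOBO host: it
# concatenates the main sudoers file and the drop-in directory and feeds
# them to flag_backup_rules. Returns 1 if a risky rule exists.
check_sudoers_files() {
    cat /etc/sudoers /etc/sudoers.d/* 2>/dev/null | flag_backup_rules
}

# Demonstration on the constructed fragments: only the first is reported.
printf '%s\n' "$RISKY_SUDOERS" "$NARROW_SUDOERS" | flag_backup_rules \
    || echo 'At least one rule grants backup.pl root execution to every user.'
```

A non-zero result from `check_sudoers_files` means the host is in the affected configuration and the update to 11.0.12 is the fix; the advisory itself does not prescribe a replacement sudoers rule, so whether to drop the rule entirely or restrict it to a dedicated account is a local decision. Note that restricting the rule to the account the web application runs under still exposes the injection to anyone who compromises that application.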
Enhancements
- [Enhancement] More detailed database information in the Support Data Collector
The Support Data Collector now provides extended details about the database in use. This makes it easier to analyze system environments in support cases. [#4681]
Changes
- [Changes] Adjusted linking for reference dynamic fields
The target pages of the reference dynamic fields for CustomerUser and CustomerCompany have been updated: instead of pointing to the administration pages, the links now lead directly to the corresponding Information Centers. [#4564]
Bug Fixes
- [Bugfix] Customer ticket form: Fixed an issue where no tickets could be created if a DateTime field was hidden and past dates were not allowed. [#4238]
- [Bugfix] Mobile view: Adjusted widths for CKEditor and attachment uploads in agent ticket masks. [#4238]
- [Bugfix] Dynamic fields with grids: Fixed a bug that could cause an Internal Server Error in AgentTicketSearch and ticket overviews. [#4572]
- [Bugfix] Webservices: Multiselect fields now work correctly. [#4668]
- [Bugfix] TicketMenu in AgentTicketZoom: Fixed configuration of item order within a cluster. [#4444]
- [Bugfix] System configuration: Saving a setting as a favorite works again. [#4130]
- [Bugfix] TicketACL::Autoselect: Dynamic fields that were automatically selected are now properly hidden, even when part of a set or multivalue field. [#4485]
- [Bugfix] Article table: If article creation fails midway, the table is now properly tidied up. [#4596]
- [Bugfix] Reference fields: Standard link creation now also works for multivalue fields. [#4590]
- [Bugfix] Translations: Services and SLAs are now translated correctly in more places. [#4580]
- [Bugfix] Transition actions: Passing DynamicField_Name_Data now works as expected. [#4577]
- [Bugfix] AgentTicketArticleEdit did not correctly enforce all article restrictions. (An agent who owned a ticket could, for example, wrongfully edit email articles.) [#4722]
- [Bugfix] Validation of mandatory multi-value fields unified: Backend validation has been aligned with frontend validation. Previously, a mandatory field with a value such as ['A','','C'] could be stored, because it was technically considered to "have a value" even though one index remained empty. [#4515]
- [Bugfix] Display of code blocks in monospace: Code blocks were not displayed in monospace in HTML views of zoom masks and in CKEditor 5. [#4405]
Next steps
Update to OTOBO 11.0.12
We recommend that you fix the vulnerabilities and benefit from the latest improvements. Please update your system.
Security patch? System update?
No need to handle it alone.
As a support customer, just reach out via our portal or give us a quick call – we’re here to help.
Haven’t worked with us yet? Maybe now’s the perfect time. We’ll be happy to support your next update. Just get in touch – we’d love to hear from you!
Report a security issue: security@otobo.org