Debian Linux Security Advisory 2536-1 - It was discovered that otrs2, a ticket request system, contains a cross-site scripting vulnerability when email messages are viewed using Internet Explorer. This update also improves the HTML security filter to detect tag nesting.
4f188624c08347780c254407978e0878a970ce7fb48697547c14a11bb88e4231