This update for otrs fixes the following issues:

Update to version 4.0.33.

Security issues fixed:

- CVE-2018-19141: Fixed privilege escalation, that an attacker who is logged into OTRS as an admin user cannot manipulate the URL to cause execution of JavaScript in the context of OTRS.
- CVE-2018-19143: Fixed remote file deletion, that an attacker who is logged into OTRS as a user cannot manipulate the submission form to cause deletion of arbitrary files that the OTRS web server user has write access to.

Non-security issues fixed:

- Full release notes can be found at:
* https://community.otrs.com/release-notes-otrs-4-patch-level-33/