Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Request_tracker
(Bestpractical)| Repositories | https://github.com/bestpractical/rt |
| #Vulnerabilities | 23 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2021-10-18 | CVE-2021-38562 | Best Practical Request Tracker (RT) 4.2 before 4.2.17, 4.4 before 4.4.5, and 5.0 before 5.0.2 allows sensitive information disclosure via a timing attack against lib/RT/REST2/Middleware/Auth.pm. | Request_tracker, Debian_linux, Fedora | 7.5 | ||
| 2022-07-14 | CVE-2022-25802 | Best Practical Request Tracker (RT) before 4.4.6 and 5.x before 5.0.3 allows XSS via a crafted content type for an attachment. | Request_tracker | 6.1 | ||
| 2022-07-14 | CVE-2022-25803 | Best Practical Request Tracker (RT) before 5.0.3 has an Open Redirect via a ticket search. | Request_tracker | 6.1 |