212 matches found
CVE-2009-3585
Session fixation vulnerability in html/Elements/SetupSessionCookie in Best Practical Solutions RT 3.0.0 through 3.6.9 and 3.8.x through 3.8.5 allows remote attackers to hijack web sessions by setting the session identifier via a manipulation that leverages a second web server within the same doma...
CVE-2009-3585
Session fixation vulnerability in html/Elements/SetupSessionCookie in Best Practical Solutions RT 3.0.0 through 3.6.9 and 3.8.x through 3.8.5 allows remote attackers to hijack web sessions by setting the session identifier via a manipulation that leverages a second web server within the same doma...
CVE-2009-4151
CVE-2009-4151 describes a session fixation vulnerability in Best Practical Solutions RT, affecting RT 3.0.0–3.6.9 and RT 3.8.x up to 3.8.5. The issue arises in the SetupSessionCookie path where an attacker can influence the session identifier via HTTP access to the RT server, enabling potential s...
CVE-2009-3585
CVE-2009-3585 concerns a session fixation vulnerability in Best Practical Solutions RT 3.0.0–3.6.9 and 3.8.x–3.8.5, in the SetupSessionCookie flow (html/Elements/SetupSessionCookie). The underlying issue allows remote attackers to hijack a user’s web session by manipulating the session identifier...
CVE-2009-3892
Cross-site scripting XSS vulnerability in Best Practical Solutions RT 3.6.x before 3.6.9, 3.8.x before 3.8.5, and other 3.4.6 through 3.8.4 versions allows remote attackers to inject arbitrary web script or HTML via certain Custom Fields...
Cross site scripting
Cross-site scripting XSS vulnerability in Best Practical Solutions RT 3.6.x before 3.6.9, 3.8.x before 3.8.5, and other 3.4.6 through 3.8.4 versions allows remote attackers to inject arbitrary web script or HTML via certain Custom Fields...
CVE-2009-3892
Cross-site scripting XSS vulnerability in Best Practical Solutions RT 3.6.x before 3.6.9, 3.8.x before 3.8.5, and other 3.4.6 through 3.8.4 versions allows remote attackers to inject arbitrary web script or HTML via certain Custom Fields...
CVE-2009-3892
The CVE-2009-3892 entry corresponds to a cross-site scripting (XSS) vulnerability in Best Practical Solutions RT (Request Tracker) releases in the 3.x line. Versions affected include RT 3.4.6–3.8.4, RT 3.6.x through 3.6.8, and RT 3.8.x through 3.8.4. The root cause is improper handling of input i...
CVE-2008-3502
Unspecified vulnerability in Best Practical Solutions RT 3.0.0 through 3.6.6 allows remote authenticated users to cause a denial of service CPU or memory consumption via unspecified vectors related to the Devel::StackTrace module for Perl...
Design/Logic Flaw
Unspecified vulnerability in Best Practical Solutions RT 3.0.0 through 3.6.6 allows remote authenticated users to cause a denial of service CPU or memory consumption via unspecified vectors related to the Devel::StackTrace module for Perl...
CVE-2008-3502
CVE-2008-3502 affects Best Practical Solutions RT versions 3.0.0 through 3.6.6. The vulnerability is described as an unspecified issue related to the Perl Devel::StackTrace module that allows remote authenticated users to cause a denial of service via unspecified vectors, potentially consuming CP...
CVE-2008-3502
Unspecified vulnerability in Best Practical Solutions RT 3.0.0 through 3.6.6 allows remote authenticated users to cause a denial of service CPU or memory consumption via unspecified vectors related to the Devel::StackTrace module for Perl...