595 matches found
CVE-2025-61873
Best Practical Request Tracker RT before 4.4.9, 5.0.9, and 6.0.2 allows CSV Injection via ticket values when TSV export is used...
CVE-2023-45024
Best Practical Request Tracker RT 5 before 5.0.5 allows Information Disclosure via a transaction search in the transaction query builder...
CVE-2018-18898
The email-ingestion feature in Best Practical Request Tracker 4.1.13 through 4.4 allows denial of service by remote attackers via an algorithmic complexity attack on email address parsing...
Debian: Security Advisory (DLA-4349-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Linux Distros Unpatched Vulnerability : CVE-2025-61873
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Best Practical Request Tracker RT before 4.4.9, 5.0.9, and 6.0.2 allows CSV Injection via ticket values when TSV export is used. CVE-2025-61873 Note that Nessus...
Linux Distros Unpatched Vulnerability : CVE-2025-9158
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The Request Tracker software is vulnerable to a Stored XSS vulnerability in calendar invitation parsing feature, which displays invitation data without HTML...
[SECURITY] [DLA 4349-1] request-tracker4 security update
------------------------------------------------------------------------- Debian LTS Advisory DLA-4349-1 [email protected] https://www.debian.org/lts/security/ Thorsten Alteholz October 26, 2025 https://wiki.debian.org/LTS -...
Debian dla-4349 : request-tracker4 - security update
The remote Debian 11 host has packages installed that are affected by a vulnerability as referenced in the dla-4349 advisory. - ------------------------------------------------------------------------- Debian LTS Advisory DLA-4349-1 [email protected] https://www.debian.org/lts/security/...
DLA-4349-1 request-tracker4 - security update
Bulletin has no description...
CVE-2025-9158
The Request Tracker software is vulnerable to a Stored XSS vulnerability in calendar invitation parsing feature, which displays invitation data without HTML sanitization. XSS vulnerability allows an attacker to send a specifically crafted e-mail enabling JavaScript code execution by displaying th...
Request Tracker 安全漏洞
Request Tracker is an issue and work order tracking system from Request Tracker, Inc. A security vulnerability exists in Request Tracker versions 5.0.4 through 5.0.8 and 6.0.0 through 6.0.1, which stems from a failure of the calendar invitation parsing feature to clean up HTML, which could lead t...
CVE-2025-9158
The Request Tracker software is vulnerable to a Stored XSS vulnerability in calendar invitation parsing feature, which displays invitation data without HTML sanitization. XSS vulnerability allows an attacker to send a specifically crafted e-mail enabling JavaScript code execution by displaying th...
UBUNTU-CVE-2025-9158
The Request Tracker software is vulnerable to a Stored XSS vulnerability in calendar invitation parsing feature, which displays invitation data without HTML sanitization. XSS vulnerability allows an attacker to send a specifically crafted e-mail enabling JavaScript code execution by displaying th...
CVE-2025-9158 Stored XSS in Request Tracker
The Request Tracker software is vulnerable to a Stored XSS vulnerability in calendar invitation parsing feature, which displays invitation data without HTML sanitization. XSS vulnerability allows an attacker to send a specifically crafted e-mail enabling JavaScript code execution by displaying th...
CVE-2025-9158
CVE-2025-9158 affects Request Tracker: Stored XSS in the calendar invitation parsing feature that does not sanitize HTML, enabling JavaScript execution when a crafted invitation is displayed to a logged-in user. Affected versions: 5.0.4–5.0.8 and 6.0.0–6.0.1. Documented across multiple feeds (NVD...
EUVD-2025-35802
The Request Tracker software is vulnerable to a Stored XSS vulnerability in calendar invitation parsing feature, which displays invitation data without HTML sanitization. XSS vulnerability allows an attacker to send a specifically crafted e-mail enabling JavaScript code execution by displaying th...
CVE-2025-9158 Stored XSS in Request Tracker
The Request Tracker software is vulnerable to a Stored XSS vulnerability in calendar invitation parsing feature, which displays invitation data without HTML sanitization. XSS vulnerability allows an attacker to send a specifically crafted e-mail enabling JavaScript code execution by displaying th...
Request Tracker Security Vulnerability
Request Tracker is an issue and work order tracking system from Request Tracker, Inc. A security vulnerability exists in Request Tracker. No information about this vulnerability is available at this time, so stay tuned to CNNVD or the vendor announcement...
[SECURITY] [DSA 6032-1] request-tracker4 security update
------------------------------------------------------------------------- Debian Security Advisory DSA-6032-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso October 22, 2025 https://www.debian.org/security/faq -...
[SECURITY] [DSA 6031-1] request-tracker5 security update
------------------------------------------------------------------------- Debian Security Advisory DSA-6031-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso October 22, 2025 https://www.debian.org/security/faq -...