Lucene search
+L

595 matches found

Vulnrichment
Vulnrichment
added 2026/01/16 12:0 a.m.3 views

CVE-2025-61873

Best Practical Request Tracker RT before 4.4.9, 5.0.9, and 6.0.2 allows CSV Injection via ticket values when TSV export is used...

2.6CVSS6.8AI score0.00193EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 12:34 p.m.7 views

CVE-2023-45024

Best Practical Request Tracker RT 5 before 5.0.5 allows Information Disclosure via a transaction search in the transaction query builder...

7.5CVSS6.6AI score0.00596EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 12:11 p.m.5 views

CVE-2018-18898

The email-ingestion feature in Best Practical Request Tracker 4.1.13 through 4.4 allows denial of service by remote attackers via an algorithmic complexity attack on email address parsing...

7.5CVSS6.9AI score0.02356EPSS
Exploits0References1
OpenVAS
OpenVAS
added 2025/10/27 12:0 a.m.4 views

Debian: Security Advisory (DLA-4349-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

2.6CVSS6.8AI score0.00193EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2025/10/27 12:0 a.m.8 views

Linux Distros Unpatched Vulnerability : CVE-2025-61873

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Best Practical Request Tracker RT before 4.4.9, 5.0.9, and 6.0.2 allows CSV Injection via ticket values when TSV export is used. CVE-2025-61873 Note that Nessus...

2.6CVSS6AI score0.00193EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2025/10/27 12:0 a.m.5 views

Linux Distros Unpatched Vulnerability : CVE-2025-9158

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The Request Tracker software is vulnerable to a Stored XSS vulnerability in calendar invitation parsing feature, which displays invitation data without HTML...

5.3CVSS6AI score0.00404EPSS
Exploits0References2
Debian
Debian
added 2025/10/26 11:55 a.m.8 views

[SECURITY] [DLA 4349-1] request-tracker4 security update

------------------------------------------------------------------------- Debian LTS Advisory DLA-4349-1 [email protected] https://www.debian.org/lts/security/ Thorsten Alteholz October 26, 2025 https://wiki.debian.org/LTS -...

2.6CVSS7.2AI score0.00193EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2025/10/26 12:0 a.m.8 views

Debian dla-4349 : request-tracker4 - security update

The remote Debian 11 host has packages installed that are affected by a vulnerability as referenced in the dla-4349 advisory. - ------------------------------------------------------------------------- Debian LTS Advisory DLA-4349-1 [email protected] https://www.debian.org/lts/security/...

2.6CVSS5.6AI score0.00193EPSS
Exploits0References4
OSV
OSV
added 2025/10/26 12:0 a.m.5 views

DLA-4349-1 request-tracker4 - security update

Bulletin has no description...

2.6CVSS7AI score0.00193EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2025/10/25 6:17 a.m.12 views

CVE-2025-9158

The Request Tracker software is vulnerable to a Stored XSS vulnerability in calendar invitation parsing feature, which displays invitation data without HTML sanitization. XSS vulnerability allows an attacker to send a specifically crafted e-mail enabling JavaScript code execution by displaying th...

5.3CVSS6.4AI score0.00404EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/10/25 12:0 a.m.5 views

Request Tracker 安全漏洞

Request Tracker is an issue and work order tracking system from Request Tracker, Inc. A security vulnerability exists in Request Tracker versions 5.0.4 through 5.0.8 and 6.0.0 through 6.0.1, which stems from a failure of the calendar invitation parsing feature to clean up HTML, which could lead t...

5.3CVSS5.7AI score0.00404EPSS
Exploits0References2
NVD
NVD
added 2025/10/24 6:15 a.m.5 views

CVE-2025-9158

The Request Tracker software is vulnerable to a Stored XSS vulnerability in calendar invitation parsing feature, which displays invitation data without HTML sanitization. XSS vulnerability allows an attacker to send a specifically crafted e-mail enabling JavaScript code execution by displaying th...

5.3CVSS0.00404EPSS
Exploits0References2
OSV
OSV
added 2025/10/24 6:15 a.m.6 views

UBUNTU-CVE-2025-9158

The Request Tracker software is vulnerable to a Stored XSS vulnerability in calendar invitation parsing feature, which displays invitation data without HTML sanitization. XSS vulnerability allows an attacker to send a specifically crafted e-mail enabling JavaScript code execution by displaying th...

5.3CVSS6.2AI score0.00404EPSS
Exploits0References4
Cvelist
Cvelist
added 2025/10/24 6:0 a.m.12 views

CVE-2025-9158 Stored XSS in Request Tracker

The Request Tracker software is vulnerable to a Stored XSS vulnerability in calendar invitation parsing feature, which displays invitation data without HTML sanitization. XSS vulnerability allows an attacker to send a specifically crafted e-mail enabling JavaScript code execution by displaying th...

5.3CVSS0.00404EPSS
Exploits0References2
CVE
CVE
added 2025/10/24 6:0 a.m.14 views

CVE-2025-9158

CVE-2025-9158 affects Request Tracker: Stored XSS in the calendar invitation parsing feature that does not sanitize HTML, enabling JavaScript execution when a crafted invitation is displayed to a logged-in user. Affected versions: 5.0.4–5.0.8 and 6.0.0–6.0.1. Documented across multiple feeds (NVD...

5.3CVSS6.2AI score0.00404EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/24 6:0 a.m.5 views

EUVD-2025-35802

The Request Tracker software is vulnerable to a Stored XSS vulnerability in calendar invitation parsing feature, which displays invitation data without HTML sanitization. XSS vulnerability allows an attacker to send a specifically crafted e-mail enabling JavaScript code execution by displaying th...

5.3CVSS6.1AI score0.00404EPSS
Exploits0References5
Vulnrichment
Vulnrichment
added 2025/10/24 6:0 a.m.2 views

CVE-2025-9158 Stored XSS in Request Tracker

The Request Tracker software is vulnerable to a Stored XSS vulnerability in calendar invitation parsing feature, which displays invitation data without HTML sanitization. XSS vulnerability allows an attacker to send a specifically crafted e-mail enabling JavaScript code execution by displaying th...

5.3CVSS6.2AI score0.00404EPSS
Exploits0References2
CNNVD
CNNVD
added 2025/10/23 12:0 a.m.10 views

Request Tracker Security Vulnerability

Request Tracker is an issue and work order tracking system from Request Tracker, Inc. A security vulnerability exists in Request Tracker. No information about this vulnerability is available at this time, so stay tuned to CNNVD or the vendor announcement...

2.6CVSS5.8AI score0.00193EPSS
Exploits0References2
Debian
Debian
added 2025/10/22 8:50 p.m.8 views

[SECURITY] [DSA 6032-1] request-tracker4 security update

------------------------------------------------------------------------- Debian Security Advisory DSA-6032-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso October 22, 2025 https://www.debian.org/security/faq -...

2.6CVSS7.2AI score0.00193EPSS
Exploits0
Debian
Debian
added 2025/10/22 8:43 p.m.12 views

[SECURITY] [DSA 6031-1] request-tracker5 security update

------------------------------------------------------------------------- Debian Security Advisory DSA-6031-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso October 22, 2025 https://www.debian.org/security/faq -...

5.3CVSS7.1AI score0.00404EPSS
Exploits0
Rows per page
Query Builder