RT 1.0.7 vulnerable to Cross Site Scripting attacks
All versions of RT 1.0, up to and including RT 1.0.7 are vulnerable to a cross site scripting attack with content included in message bodies. If you use RT 1.0 to handle mail from unknown or possibly malicious users, an attacker could exploit this hole to perform actions within RT as any staff us...