UBUNTU-CVE-2025-61873

Best Practical Request Tracker RT before 4.4.9, 5.0.9, and 6.0.2 allows CSV Injection via ticket values when TSV export is used...

CVE-2025-61873

Summary: CVE-2025-61873 affects Best Practical Request Tracker (RT). The connected Debian advisory confirms the issue is a CSV injection vulnerability in RT exports to TSV from search results, caused by ticket values containing certain characters and exported in TSV, enabling injection. Debian li...

CVE-2025-61873

Best Practical Request Tracker RT before 4.4.9, 5.0.9, and 6.0.2 allows CSV Injection via ticket values when TSV export is used...

CVE-2025-61873

Best Practical Request Tracker RT before 4.4.9, 5.0.9, and 6.0.2 allows CSV Injection via ticket values when TSV export is used...

FreeBSD : RT -- CSV injection (b374df95-afa8-11f0-b4c8-792b26d8a051)

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the b374df95-afa8-11f0-b4c8-792b26d8a051 advisory. Gareth Watkin-Jones from 4armed reports: RT is vulnerable to CSV injection via ticket values with speci...

RT -- CSV injection

Gareth Watkin-Jones from 4armed reports: RT is vulnerable to CSV injection via ticket values with special characters that are exported to a TSV from search results. Thanks to Gareth Watkin-Jones from 4armed for reporting this finding...

[SECURITY] [DSA 6032-1] request-tracker4 security update

------------------------------------------------------------------------- Debian Security Advisory DSA-6032-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso October 22, 2025 https://www.debian.org/security/faq -...