4 matches found
The vulnerability of the Request Tracker system for enterprise-level request tracking and monitoring lies in its excessive data output when searching transactions by authenticated users in the transaction builder. This allows attackers to gain unauthorized access to confidential information.
The vulnerability of the Request Tracker system for enterprise-level order tracking and monitoring exists due to excessive data output by the application when searching transactions for authenticated users in the transaction request builder. Exploiting this vulnerability could allow a malicious...
Debian DSA-5541-1 : request-tracker5 - security update
The remote Debian 12 host has packages installed that are affected by multiple vulnerabilities as referenced in the dsa-5541 advisory. - Request Tracker reports: CVE-2023-41259 SECURITY: RT is vulnerable to unvalidated email headers in incoming email and the mail-gateway REST interface...
FreeBSD : Request Tracker -- multiple vulnerabilities (e14b9870-62a4-11ee-897b-000bab9f87f1)
The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the e14b9870-62a4-11ee-897b-000bab9f87f1 advisory. - Request Tracker reports: CVE-2023-41259 SECURITY: RT is vulnerable to unvalidated email...
Request Tracker -- multiple vulnerabilities
Request Tracker reports: CVE-2023-41259 SECURITY: RT is vulnerable to unvalidated email headers in incoming email and the mail-gateway REST interface. CVE-2023-41260 SECURITY: RT is vulnerable to information leakage via response messages returned from requests sent via the mail-gateway REST...