CVE-2025-61873

Best Practical Request Tracker RT before 4.4.9, 5.0.9, and 6.0.2 allows CSV Injection via ticket values when TSV export is used...

UBUNTU-CVE-2025-61873

Best Practical Request Tracker RT before 4.4.9, 5.0.9, and 6.0.2 allows CSV Injection via ticket values when TSV export is used...

CVE-2025-61873

Summary: CVE-2025-61873 affects Best Practical Request Tracker (RT). The connected Debian advisory confirms the issue is a CSV injection vulnerability in RT exports to TSV from search results, caused by ticket values containing certain characters and exported in TSV, enabling injection. Debian li...

CVE-2025-61873

Best Practical Request Tracker RT before 4.4.9, 5.0.9, and 6.0.2 allows CSV Injection via ticket values when TSV export is used...

[SECURITY] [DSA 6032-1] request-tracker4 security update

------------------------------------------------------------------------- Debian Security Advisory DSA-6032-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso October 22, 2025 https://www.debian.org/security/faq -...

Debian dsa-6032 : request-tracker4 - security update

The remote Debian 12 host has packages installed that are affected by a vulnerability as referenced in the dsa-6032 advisory. - ------------------------------------------------------------------------- Debian Security Advisory DSA-6032-1 [email protected] https://www.debian.org/security/...

Design/Logic Flaw

Formula Injection exists in the export feature in SolarWinds WebHelpDesk 12.7.1 via a value provided by a low-privileged user in the Subject field of a help request form that is mishandled in a TicketActions/view?tab=group TSV export by an admin user...