Request Tracker Security Vulnerabilities and Issues — Request Tracker CVE List

Lucene search

BestpracticalRequest Tracker

5 matches found

CVE•added 2015/03/09 2:59 p.m.•61 views

CVE-2015-1464

RT (aka Request Tracker) before 4.0.23 and 4.2.x before 4.2.10 allows remote attackers to hijack sessions via an RSS feed URL.

6.4CVSS8.4AI score0.00347EPSS

CVE•added 2015/03/09 2:59 p.m.•56 views

CVE-2014-9472

The email gateway in RT (aka Request Tracker) 3.0.0 through 4.x before 4.0.23 and 4.2.x before 4.2.10 allows remote attackers to cause a denial of service (CPU and disk consumption) via a crafted email.

7.1CVSS8AI score0.00875EPSS

CVE•added 2015/03/09 2:59 p.m.•52 views

CVE-2015-1165

RT (aka Request Tracker) 3.8.8 through 4.x before 4.0.23 and 4.2.x before 4.2.10 allows remote attackers to obtain sensitive RSS feed URLs and ticket data via unspecified vectors.

5CVSS8.2AI score0.00388EPSS

CVE•added 2015/08/14 6:59 p.m.•51 views

CVE-2015-5475

Multiple cross-site scripting (XSS) vulnerabilities in Request Tracker (RT) 4.x before 4.2.12 allow remote attackers to inject arbitrary web script or HTML via vectors related to the (1) user and (2) group rights management pages.

4.3CVSS7.5AI score0.00442EPSS

CVE•added 2015/09/03 2:59 p.m.•46 views

CVE-2015-6506

Cross-site scripting (XSS) vulnerability in the cryptography interface in Request Tracker (RT) before 4.2.12 allows remote attackers to inject arbitrary web script or HTML via a crafted public key.

4.3CVSS5.5AI score0.00442EPSS