Rt Security Vulnerabilities and Issues — Rt CVE List

Lucene search

BestpracticalRt

3 matches found

CVE•added 2013/08/23 4:55 p.m.•51 views

CVE-2013-3368

bin/rt in Request Tracker (RT) 3.8.x before 3.8.17 and 4.0.x before 4.0.13 allows local users to overwrite arbitrary files via a symlink attack on a temporary file with predictable name.

3.3CVSS8.1AI score0.0005EPSS

CVE•added 2012/06/04 7:55 p.m.•45 views

CVE-2011-4459

Best Practical Solutions RT 3.x before 3.8.12 and 4.x before 4.0.6 does not properly disable groups, which allows remote authenticated users to bypass intended access restrictions in opportunistic circumstances by leveraging a group membership.

3.5CVSS6AI score0.00259EPSS

CVE•added 2012/11/11 1:0 p.m.•42 views

CVE-2012-4730

Request Tracker (RT) 3.8.x before 3.8.15 and 4.0.x before 4.0.8 allows remote authenticated users with ModifySelf or AdminUser privileges to inject arbitrary email headers and conduct phishing attacks or obtain sensitive information via unknown vectors.

3.5CVSS5.9AI score0.00176EPSS