Cross-site request forgery (CSRF) vulnerability in Request Tracker (RT)
3.8.12 and other versions before 3.8.15, and 4.0.6 and other versions
before 4.0.8, allows remote attackers to hijack the authentication of users
for requests that toggle ticket bookmarks.
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
ubuntu | 10.04 | noarch | request-tracker3.8 | < 3.8.7-1ubuntu2.3 | UNKNOWN |
ubuntu | 11.10 | noarch | request-tracker3.8 | < 3.8.10-1ubuntu0.1 | UNKNOWN |
ubuntu | 12.04 | noarch | request-tracker3.8 | < 3.8.11-1ubuntu0.1 | UNKNOWN |