Bestpractical

Rt

43 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
  • EPSS 0.39%
  • Veröffentlicht 22.05.2026 21:36:21
  • Zuletzt bearbeitet 26.05.2026 20:03:14

RT is an open source, enterprise-grade issue and ticket tracking system. Versions 5.0.9 and prior in addition to 6.0.0 through 6.0.2 contain an authentication bypass vulnerability in RT installations that use LDAP/AD for user authentication. Under ce...

  • EPSS 0.34%
  • Veröffentlicht 22.05.2026 21:17:36
  • Zuletzt bearbeitet 26.05.2026 20:03:14

RT is an open source, enterprise-grade issue and ticket tracking system. Versions 5.0.0 through 5.0.9 and 6.0.0 through 6.0.2 contain an SQL injection vulnerability. An authenticated user can craft input that is incorporated into database queries wit...

  • EPSS 0.12%
  • Veröffentlicht 22.05.2026 21:12:41
  • Zuletzt bearbeitet 26.05.2026 20:03:14

RT is an open source, enterprise-grade issue and ticket tracking system. Versions 6.0.0 through 6.0.2 contain a Cross-Site Request Forgery (CSRF) vulnerability. An attacker who can induce a logged-in RT user to visit a malicious web page can trigger ...

  • EPSS 0.17%
  • Veröffentlicht 22.05.2026 21:10:22
  • Zuletzt bearbeitet 26.05.2026 20:03:14

RT is an open source, enterprise-grade issue and ticket tracking system. Versions prior to 5.0.10 and 6.0.0 through 6.0.2 contain a spreadsheet (CSV/formula) injection vulnerability. User-controlled data in spreadsheet exports is not sanitized before...

  • EPSS 0.2%
  • Veröffentlicht 28.05.2025 00:00:00
  • Zuletzt bearbeitet 09.06.2025 18:59:03

Best Practical RT (Request Tracker) 5.0 through 5.0.7 allows XSS via JavaScript injection in an RT permalink.

  • EPSS 0.2%
  • Veröffentlicht 28.05.2025 00:00:00
  • Zuletzt bearbeitet 09.06.2025 18:58:52

Best Practical RT (Request Tracker) 5.0 through 5.0.7 allows XSS via JavaScript injection in an Asset name.

  • EPSS 0.27%
  • Veröffentlicht 28.05.2025 00:00:00
  • Zuletzt bearbeitet 03.11.2025 20:18:09

Best Practical RT (Request Tracker) 4.4 through 4.4.7 and 5.0 through 5.0.7 allows XSS via injection of crafted parameters in a search URL.

  • EPSS 2.43%
  • Veröffentlicht 15.07.2014 14:55:08
  • Zuletzt bearbeitet 06.05.2026 22:30:45

Algorithmic complexity vulnerability in Email::Address::List before 0.02, as used in RT 4.2.0 through 4.2.2, allows remote attackers to cause a denial of service (CPU consumption) via a string without an address.

  • EPSS 2.43%
  • Veröffentlicht 23.08.2013 16:55:07
  • Zuletzt bearbeitet 29.04.2026 01:13:23

CRLF injection vulnerability in Request Tracker (RT) 3.8.x before 3.8.17 and 4.0.x before 4.0.13 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via a MIME header.

  • EPSS 0.35%
  • Veröffentlicht 23.08.2013 16:55:07
  • Zuletzt bearbeitet 29.04.2026 01:13:23

bin/rt in Request Tracker (RT) 3.8.x before 3.8.17 and 4.0.x before 4.0.13 allows local users to overwrite arbitrary files via a symlink attack on a temporary file with predictable name.