Best Practical Request Tracker 5.0.1

CPE Details

Best Practical Request Tracker 5.0.1
bestpractical
request_tracker
5.0.1
2021-10-18
15h25 +00:00
2021-10-18
15h30 +00:00
CPE NVD
Alerte pour un CPE
Stay informed of any changes for a specific CPE.
Notifications manage

CPE Name: cpe:2.3:a:bestpractical:request_tracker:5.0.1:*:*:*:*:*:*:*

Informations

Vendor

bestpractical

Product

request_tracker

Version

5.0.1

Related CVE

Open and find in CVE List

CVE ID Published Description Score Severity
CVE-2023-41259 2023-11-02 23h00 +00:00 Best Practical Request Tracker (RT) before 4.4.7 and 5.x before 5.0.5 allows Information Disclosure via fake or spoofed RT email headers in an email message or a mail-gateway REST API call.
7.5
High
CVE-2023-41260 2023-11-02 23h00 +00:00 Best Practical Request Tracker (RT) before 4.4.7 and 5.x before 5.0.5 allows Information Exposure in responses to mail-gateway REST API calls.
7.5
High
CVE-2023-45024 2023-11-02 23h00 +00:00 Best Practical Request Tracker (RT) 5 before 5.0.5 allows Information Disclosure via a transaction search in the transaction query builder.
7.5
High
CVE-2022-25803 2022-07-14 09h51 +00:00 Best Practical Request Tracker (RT) before 5.0.3 has an Open Redirect via a ticket search.
6.1
Medium
CVE-2022-25802 2022-07-14 09h49 +00:00 Best Practical Request Tracker (RT) before 4.4.6 and 5.x before 5.0.3 allows XSS via a crafted content type for an attachment.
6.1
Medium
CVE-2021-38562 2021-10-18 06h52 +00:00 Best Practical Request Tracker (RT) 4.2 before 4.2.17, 4.4 before 4.4.5, and 5.0 before 5.0.2 allows sensitive information disclosure via a timing attack against lib/RT/REST2/Middleware/Auth.pm.
7.5
High