Identifier
|
Related Record |
Severity
|
Date Published
|
Description | Versions Affected |
---|---|---|---|---|---|
CVE-2023-41260 | High | Nov 03, 2023 | Best Practical Request Tracker (RT) before 4.4.7 and 5.x before 5.0.5 allows Information Exposure in responses to mail-gateway REST API calls. |
4.4.3, 4.2.15, 4.4.2, 4.2.14, 4.0.25, 4.4.1, 4.2.13, 4.4.0, 4.0.24, 4.2.12
|
|
CVE-2023-41259 | High | Nov 03, 2023 | Best Practical Request Tracker (RT) before 4.4.7 and 5.x before 5.0.5 allows Information Disclosure via fake or spoofed RT email headers in an email me more... |
4.4.3, 4.2.15, 4.4.2, 4.2.14, 4.0.25, 4.4.1, 4.2.13, 4.4.0, 4.0.24, 4.2.12
|
|
CVE-2022-25803 | Medium | Jul 14, 2022 | Best Practical Request Tracker (RT) before 5.0.3 has an Open Redirect via a ticket search. |
4.4.3, 4.2.15, 4.4.2, 4.2.14, 4.0.25, 4.4.1, 4.2.13, 4.4.0, 4.0.24, 4.2.12
|
|
CVE-2022-25802 | BDSA-2022-1954 | Medium | Jul 14, 2022 | Best Practical Request Tracker (RT) before 4.4.6 and 5.x before 5.0.3 allows XSS via a crafted content type for an attachment. |
4.4.3, 4.2.15, 4.4.2, 4.2.14, 4.0.25, 4.4.1, 4.2.13, 4.4.0, 4.0.24, 4.2.12
|
CVE-2021-38562 | BDSA-2021-3098 | High | Oct 18, 2021 | Best Practical Request Tracker (RT) 4.2 before 4.2.17, 4.4 before 4.4.5, and 5.0 before 5.0.2 allows sensitive information disclosure via a timing atta more... |
4.4.3, 4.2.15, 4.2.14, 4.4.2, 4.2.13, 4.4.1, 4.4.0, 4.2.12, 4.2.11, 4.2.10
|
BDSA-2019-0847 | Medium | Mar 28, 2019 | Best Practical Request Tracker contains a flaw when parsing email addresses. This could allow a remote attacker to trigger a denial-of-service (DoS) vi more... |