First published: Fri Aug 23 2013(Updated: )
Cross-site scripting (XSS) vulnerability in Request Tracker (RT) 4.x before 4.0.13, when MakeClicky is configured, allows remote attackers to inject arbitrary web script or HTML via a URL in a ticket. NOTE: this issue has been SPLIT from CVE-2013-3371 due to different affected versions.
Credit: cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
Bestpractical Rt | =4.0.0 | |
Bestpractical Rt | =4.0.0-rc1 | |
Bestpractical Rt | =4.0.0-rc2 | |
Bestpractical Rt | =4.0.0-rc3 | |
Bestpractical Rt | =4.0.0-rc4 | |
Bestpractical Rt | =4.0.0-rc5 | |
Bestpractical Rt | =4.0.0-rc6 | |
Bestpractical Rt | =4.0.0-rc7 | |
Bestpractical Rt | =4.0.0-rc8 | |
Bestpractical Rt | =4.0.1 | |
Bestpractical Rt | =4.0.1-rc1 | |
Bestpractical Rt | =4.0.1-rc2 | |
Bestpractical Rt | =4.0.2 | |
Bestpractical Rt | =4.0.2-rc1 | |
Bestpractical Rt | =4.0.2-rc2 | |
Bestpractical Rt | =4.0.3 | |
Bestpractical Rt | =4.0.3-rc1 | |
Bestpractical Rt | =4.0.3-rc2 | |
Bestpractical Rt | =4.0.4 | |
Bestpractical Rt | =4.0.5 | |
Bestpractical Rt | =4.0.5-rc1 | |
Bestpractical Rt | =4.0.6 | |
Bestpractical Rt | =4.0.7 | |
Bestpractical Rt | =4.0.7-rc1 | |
Bestpractical Rt | =4.0.8 | |
Bestpractical Rt | =4.0.8-rc1 | |
Bestpractical Rt | =4.0.8-rc2 | |
Bestpractical Rt | =4.0.9 | |
Bestpractical Rt | =4.0.10 | |
Bestpractical Rt | =4.0.11 | |
Bestpractical Rt | =4.0.12 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.