VYPR

MobileUI

by Bestpractical

CVEs (2)

  • CVE-2013-3737Nov 16, 2014
    risk 0.00cvss epss 0.01

    The MobileUI (aka RT-Extension-MobileUI) extension before 1.04 in Request Tracker (RT) 4.0.0 before 4.0.13, when using the file-based session store (Apache::Session::File) and certain authentication extensions, allows remote attackers to reuse unauthorized sessions and obtain…

  • CVE-2013-3736May 5, 2014
    risk 0.00cvss epss 0.01

    Cross-site scripting (XSS) vulnerability in the MobileUI (aka RT-Extension-MobileUI) extension before 1.04 in Request Tracker (RT) 4.0.0 before 4.0.13 allows remote attackers to inject arbitrary web script or HTML via the name of an attached file.