VYPR

Vendor CVEs

Bestpractical

All CVEs

79 total · sorted by risk
  • CVE-2017-5944 · High · Jul 3, 2017
    risk 0.57 · cvss 8.8 · epss 0.03

    The dashboard subscription interface in Request Tracker (RT) 4.x before 4.0.25, 4.2.x before 4.2.14, and 4.4.x before 4.4.2 might allow remote authenticated users with certain privileges to execute arbitrary code via a crafted saved search name.

  • CVE-2017-5943 · High · Jul 3, 2017
    risk 0.57 · cvss 8.8 · epss 0.01

    Request Tracker (RT) 4.x before 4.0.25, 4.2.x before 4.2.14, and 4.4.x before 4.4.2 allows remote attackers to obtain sensitive information about cross-site request forgery (CSRF) verification tokens via a crafted URL.

  • CVE-2026-41075 · High · May 22, 2026
    risk 0.50 · cvss 8.8 · epss 0.00

    RT is an open source, enterprise-grade issue and ticket tracking system. Versions 5.0.0 through 5.0.9 and 6.0.0 through 6.0.2 contain an SQL injection vulnerability. An authenticated user can craft input that is incorporated into database queries without proper validation,…

  • CVE-2026-41076 · High · May 22, 2026
    risk 0.46 · cvss 8.1 · epss 0.00

    RT is an open source, enterprise-grade issue and ticket tracking system. Versions 5.0.9 and prior in addition to 6.0.0 through 6.0.2 contain an authentication bypass vulnerability in RT installations that use LDAP/AD for user authentication. Under certain LDAP server…

  • CVE-2016-6127 · Medium · Jul 3, 2017
    risk 0.40 · cvss 6.1 · epss 0.01

    Cross-site scripting (XSS) vulnerability in Request Tracker (RT) 4.x before 4.0.25, 4.2.x before 4.2.14, and 4.4.x before 4.4.2, when the AlwaysDownloadAttachments config setting is not in use, allows remote attackers to inject arbitrary web script or HTML via a file upload with…

  • CVE-2026-41074 · High · May 22, 2026
    risk 0.39 · cvss 7.1 · epss 0.00

    RT is an open source, enterprise-grade issue and ticket tracking system. Versions 6.0.0 through 6.0.2 contain a Cross-Site Request Forgery (CSRF) vulnerability. An attacker who can induce a logged-in RT user to visit a malicious web page can trigger arbitrary state-changing…

  • CVE-2017-5361 · Medium · Jul 3, 2017
    risk 0.38 · cvss 5.9 · epss 0.01

    Request Tracker (RT) 4.x before 4.0.25, 4.2.x before 4.2.14, and 4.4.x before 4.4.2 does not use a constant-time comparison algorithm for secrets, which makes it easier for remote attackers to obtain sensitive user password information via a timing side-channel attack.

  • CVE-2024-3262 · Medium · Apr 4, 2024
    risk 0.36 · cvss 5.5 · epss 0.00

    Information exposure vulnerability in RT software affecting version 4.4.1. This vulnerability allows an attacker with local access to the device to retrieve sensitive information about the application, such as vulnerability tickets, because the application stores the information…

  • CVE-2025-9158 · Medium · Oct 24, 2025
    risk 0.34 · cvss n/a · epss 0.00

    The Request Tracker software is vulnerable to a Stored XSS vulnerability in calendar invitation parsing feature, which displays invitation data without HTML sanitization. XSS vulnerability allows an attacker to send a specifically crafted e-mail enabling JavaScript code…

  • CVE-2026-6841 · Medium · May 21, 2026
    risk 0.33 · cvss 6.1 · epss 0.00

    Request Tracker is vulnerable to a reflected cross-site scripting (XSS) vulnerability via the "Page" parameter in GET requests. An attacker can craft a URL that, when opened, results in arbitrary JavaScript execution in the victim’s browser. This vulnerability affects…

  • CVE-2026-41073 · Medium · May 22, 2026
    risk 0.23 · cvss 4.6 · epss 0.00

    RT is an open source, enterprise-grade issue and ticket tracking system. Versions prior to 5.0.10 and 6.0.0 through 6.0.2 contain a spreadsheet (CSV/formula) injection vulnerability. User-controlled data in spreadsheet exports is not sanitized before being written to the output…

  • CVE-2025-61873 · Low · Jan 16, 2026
    risk 0.17 · cvss 2.6 · epss 0.00

    Best Practical Request Tracker (RT) before 4.4.9, 5.0.9, and 6.0.2 allows CSV Injection via ticket values when TSV export is used.

  • CVE-2025-2545 · Low · May 5, 2025
    risk 0.15 · cvss n/a · epss 0.00

    Vulnerability in Best Practical Solutions, LLC's Request Tracker prior to v5.0.8, where the Triple DES (3DES) cryptographic algorithm is used to protect emails sent with S/MIME encryption. Triple DES is considered obsolete and insecure due to its susceptibility to birthday…

  • CVE-2013-3525 · May 10, 2013
    risk 0.03 · cvss n/a · epss 0.03

    SQL injection vulnerability in Approvals/ in Request Tracker (RT) 4.0.10 and earlier allows remote attackers to execute arbitrary SQL commands via the ShowPending parameter. NOTE: the vendor disputes this issue, stating "We were unable to replicate it, and the individual that…

  • CVE-2025-31500 · May 28, 2025
    risk 0.00 · cvss n/a · epss 0.00

    Best Practical RT (Request Tracker) 5.0 through 5.0.7 allows XSS via JavaScript injection in an Asset name.

  • CVE-2025-30087 · May 28, 2025
    risk 0.00 · cvss n/a · epss 0.00

    Best Practical RT (Request Tracker) 4.4 through 4.4.7 and 5.0 through 5.0.7 allows XSS via injection of crafted parameters in a search URL.

  • CVE-2025-31501 · May 28, 2025
    risk 0.00 · cvss n/a · epss 0.00

    Best Practical RT (Request Tracker) 5.0 through 5.0.7 allows XSS via JavaScript injection in an RT permalink.

  • CVE-2023-41260 · Nov 3, 2023
    risk 0.00 · cvss n/a · epss 0.01

    Best Practical Request Tracker (RT) before 4.4.7 and 5.x before 5.0.5 allows Information Exposure in responses to mail-gateway REST API calls.

  • CVE-2023-41259 · Nov 3, 2023
    risk 0.00 · cvss n/a · epss 0.01

    Best Practical Request Tracker (RT) before 4.4.7 and 5.x before 5.0.5 allows Information Disclosure via fake or spoofed RT email headers in an email message or a mail-gateway REST API call.

  • CVE-2023-45024 · Nov 3, 2023
    risk 0.00 · cvss n/a · epss 0.01

    Best Practical Request Tracker (RT) 5 before 5.0.5 allows Information Disclosure via a transaction search in the transaction query builder.

  • CVE-2022-25803 · Jul 14, 2022
    risk 0.00 · cvss n/a · epss 0.00

    Best Practical Request Tracker (RT) before 5.0.3 has an Open Redirect via a ticket search.

  • CVE-2022-25802 · Jul 14, 2022
    risk 0.00 · cvss n/a · epss 0.01

    Best Practical Request Tracker (RT) before 4.4.6 and 5.x before 5.0.3 allows XSS via a crafted content type for an attachment.

  • CVE-2022-25801 · Jul 14, 2022
    risk 0.00 · cvss n/a · epss 0.01

    Best Practical RT for Incident Response (RTIR) before 4.0.3 and 5.x before 5.0.3 allows SSRF via Scripted Action tools.

  • CVE-2022-25800 · Jul 14, 2022
    risk 0.00 · cvss n/a · epss 0.01

    Best Practical RT for Incident Response (RTIR) before 4.0.3 and 5.x before 5.0.3 allows SSRF via the whois lookup tool.

  • CVE-2021-38562 · Oct 18, 2021
    risk 0.00 · cvss n/a · epss 0.02

    Best Practical Request Tracker (RT) 4.2 before 4.2.17, 4.4 before 4.4.5, and 5.0 before 5.0.2 allows sensitive information disclosure via a timing attack against lib/RT/REST2/Middleware/Auth.pm.

  • CVE-2018-18898 · Mar 17, 2019
    risk 0.00 · cvss n/a · epss 0.02

    The email-ingestion feature in Best Practical Request Tracker 4.1.13 through 4.4 allows denial of service by remote attackers via an algorithmic complexity attack on email address parsing.

  • CVE-2015-6506 · Sep 3, 2015
    risk 0.00 · cvss n/a · epss 0.02

    Cross-site scripting (XSS) vulnerability in the cryptography interface in Request Tracker (RT) before 4.2.12 allows remote attackers to inject arbitrary web script or HTML via a crafted public key.

  • CVE-2015-5475 · Aug 14, 2015
    risk 0.00 · cvss n/a · epss 0.02

    Multiple cross-site scripting (XSS) vulnerabilities in Request Tracker (RT) 4.x before 4.2.12 allow remote attackers to inject arbitrary web script or HTML via vectors related to the (1) user and (2) group rights management pages.

  • CVE-2015-1464 · Mar 9, 2015
    risk 0.00 · cvss n/a · epss 0.02

    RT (aka Request Tracker) before 4.0.23 and 4.2.x before 4.2.10 allows remote attackers to hijack sessions via an RSS feed URL.

  • CVE-2015-1165 · Mar 9, 2015
    risk 0.00 · cvss n/a · epss 0.02

    RT (aka Request Tracker) 3.8.8 through 4.x before 4.0.23 and 4.2.x before 4.2.10 allows remote attackers to obtain sensitive RSS feed URLs and ticket data via unspecified vectors.

  • CVE-2014-9472 · Mar 9, 2015
    risk 0.00 · cvss n/a · epss 0.03

    The email gateway in RT (aka Request Tracker) 3.0.0 through 4.x before 4.0.23 and 4.2.x before 4.2.10 allows remote attackers to cause a denial of service (CPU and disk consumption) via a crafted email.

  • CVE-2013-3737 · Nov 16, 2014
    risk 0.00 · cvss n/a · epss 0.01

    The MobileUI (aka RT-Extension-MobileUI) extension before 1.04 in Request Tracker (RT) 4.0.0 before 4.0.13, when using the file-based session store (Apache::Session::File) and certain authentication extensions, allows remote attackers to reuse unauthorized sessions and obtain…

  • CVE-2014-1474 · Jul 15, 2014
    risk 0.00 · cvss n/a · epss 0.02

    Algorithmic complexity vulnerability in Email::Address::List before 0.02, as used in RT 4.2.0 through 4.2.2, allows remote attackers to cause a denial of service (CPU consumption) via a string without an address.

  • CVE-2013-3736 · May 5, 2014
    risk 0.00 · cvss n/a · epss 0.01

    Cross-site scripting (XSS) vulnerability in the MobileUI (aka RT-Extension-MobileUI) extension before 1.04 in Request Tracker (RT) 4.0.0 before 4.0.13 allows remote attackers to inject arbitrary web script or HTML via the name of an attached file.

  • CVE-2013-5587 · Aug 23, 2013
    risk 0.00 · cvss n/a · epss 0.02

    Cross-site scripting (XSS) vulnerability in Request Tracker (RT) 4.x before 4.0.13, when MakeClicky is configured, allows remote attackers to inject arbitrary web script or HTML via a URL in a ticket. NOTE: this issue has been SPLIT from CVE-2013-3371 due to different affected…

  • CVE-2013-3374 · Aug 23, 2013
    risk 0.00 · cvss n/a · epss 0.01

    Unspecified vulnerability in Request Tracker (RT) 3.8.x before 3.8.17 and 4.0.x before 4.0.13, when using the Apache::Session::File session store, allows remote attackers to obtain sensitive information (user preferences and caches) via unknown vectors, related to a "limited…

  • CVE-2013-3373 · Aug 23, 2013
    risk 0.00 · cvss n/a · epss 0.02

    CRLF injection vulnerability in Request Tracker (RT) 3.8.x before 3.8.17 and 4.0.x before 4.0.13 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via a MIME header.

  • CVE-2013-3372 · Aug 23, 2013
    risk 0.00 · cvss n/a · epss 0.02

    Request Tracker (RT) 3.8.x before 3.8.17 and 4.0.x before 4.0.13 allows remote attackers to inject multiple Content-Disposition HTTP headers and possibly conduct cross-site scripting (XSS) attacks via unspecified vectors.

  • CVE-2013-3371 · Aug 23, 2013
    risk 0.00 · cvss n/a · epss 0.02

    Cross-site scripting (XSS) vulnerability in Request Tracker (RT) 3.8.3 through 3.8.16 and 4.0.x before 4.0.13 allows remote attackers to inject arbitrary web script or HTML via the filename of an attachment.

  • CVE-2013-3370 · Aug 23, 2013
    risk 0.00 · cvss n/a · epss 0.02

    Request Tracker (RT) 3.8.x before 3.8.17 and 4.0.x before 4.0.13 does not properly restrict access to private callback components, which allows remote attackers to have an unspecified impact via a direct request.

  • CVE-2013-3369 · Aug 23, 2013
    risk 0.00 · cvss n/a · epss 0.01

    Request Tracker (RT) 3.8.x before 3.8.17 and 4.0.x before 4.0.13 allows remote authenticated users with the permissions to view the administration pages to execute arbitrary private components via unspecified vectors.

  • CVE-2013-3368 · Aug 23, 2013
    risk 0.00 · cvss n/a · epss 0.00

    bin/rt in Request Tracker (RT) 3.8.x before 3.8.17 and 4.0.x before 4.0.13 allows local users to overwrite arbitrary files via a symlink attack on a temporary file with predictable name.

  • CVE-2012-4733 · Aug 23, 2013
    risk 0.00 · cvss n/a · epss 0.02

    Request Tracker (RT) 4.x before 4.0.13 does not properly enforce the DeleteTicket and "custom lifecycle transition" permission, which allows remote authenticated users with the ModifyTicket permission to delete tickets via unspecified vectors.

  • CVE-2012-6581 · Jul 24, 2013
    risk 0.00 · cvss n/a · epss 0.01

    Best Practical Solutions RT 3.8.x before 3.8.15 and 4.0.x before 4.0.8, when GnuPG is enabled, allows remote attackers to bypass intended restrictions on reading keys in the product's keyring, and trigger outbound e-mail messages signed by an arbitrary stored secret key, by…

  • CVE-2012-6580 · Jul 24, 2013
    risk 0.00 · cvss n/a · epss 0.01

    Best Practical Solutions RT 3.8.x before 3.8.15 and 4.0.x before 4.0.8, when GnuPG is enabled, does not ensure that the UI labels unencrypted messages as unencrypted, which might make it easier for remote attackers to spoof details of a message's origin or interfere with…

  • CVE-2012-6579 · Jul 24, 2013
    risk 0.00 · cvss n/a · epss 0.01

    Best Practical Solutions RT 3.8.x before 3.8.15 and 4.0.x before 4.0.8, when GnuPG is enabled, allows remote attackers to configure encryption or signing for certain outbound e-mail, and possibly cause a denial of service (loss of e-mail readability), via an e-mail message to a…

  • CVE-2012-6578 · Jul 24, 2013
    risk 0.00 · cvss n/a · epss 0.01

    Best Practical Solutions RT 3.8.x before 3.8.15 and 4.0.x before 4.0.8, when GnuPG is enabled with a "Sign by default" queue configuration, uses a queue's key for signing, which might allow remote attackers to spoof messages by leveraging the lack of authentication semantics.

  • CVE-2012-4884 · Nov 11, 2012
    risk 0.00 · cvss n/a · epss 0.02

    Argument injection vulnerability in Request Tracker (RT) 3.8.x before 3.8.15 and 4.0.x before 4.0.8 allows remote attackers to create arbitrary files via unspecified vectors related to the GnuPG client.

  • CVE-2012-4734 · Nov 11, 2012
    risk 0.00 · cvss n/a · epss 0.02

    Request Tracker (RT) 3.8.x before 3.8.15 and 4.0.x before 4.0.8 allows remote attackers to conduct a "confused deputy" attack to bypass the CSRF warning protection mechanism and cause victims to "modify arbitrary state" via unknown vectors related to a crafted link.

  • CVE-2012-4732 · Nov 11, 2012
    risk 0.00 · cvss n/a · epss 0.01

    Cross-site request forgery (CSRF) vulnerability in Request Tracker (RT) 3.8.12 and other versions before 3.8.15, and 4.0.6 and other versions before 4.0.8, allows remote attackers to hijack the authentication of users for requests that toggle ticket bookmarks.

Page 1 of 2