Описание
RT (aka Request Tracker) before 4.0.23 and 4.2.x before 4.2.10 allows remote attackers to hijack sessions via an RSS feed URL.
RT (aka Request Tracker) before 4.0.23 and 4.2.x before 4.2.10 allows remote attackers to hijack sessions via an RSS feed URL.
Ссылки
- https://nvd.nist.gov/vuln/detail/CVE-2015-1464
- http://blog.bestpractical.com/2015/02/security-vulnerabilities-in-rt.html
- http://lists.fedoraproject.org/pipermail/package-announce/2015-April/154213.html
- http://lists.fedoraproject.org/pipermail/package-announce/2015-March/154047.html
- http://www.debian.org/security/2015/dsa-3176
Связанные уязвимости
ubuntu
почти 11 лет назад
RT (aka Request Tracker) before 4.0.23 and 4.2.x before 4.2.10 allows remote attackers to hijack sessions via an RSS feed URL.
nvd
почти 11 лет назад
RT (aka Request Tracker) before 4.0.23 and 4.2.x before 4.2.10 allows remote attackers to hijack sessions via an RSS feed URL.
debian
почти 11 лет назад
RT (aka Request Tracker) before 4.0.23 and 4.2.x before 4.2.10 allows ...