Описание
Request Tracker (RT) 3.8.x before 3.8.15 and 4.0.x before 4.0.8 allows remote authenticated users with ModifySelf or AdminUser privileges to inject arbitrary email headers and conduct phishing attacks or obtain sensitive information via unknown vectors.
| Релиз | Статус | Примечание |
|---|---|---|
| devel | DNE | |
| esm-infra-legacy/trusty | DNE | |
| hardy | DNE | |
| lucid | released | 3.8.7-1ubuntu2.3 |
| oneiric | released | 3.8.10-1ubuntu0.1 |
| precise | released | 3.8.11-1ubuntu0.1 |
| precise/esm | DNE | precise was released [3.8.11-1ubuntu0.1] |
| quantal | DNE | |
| raring | DNE | |
| saucy | DNE |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| devel | not-affected | 4.0.7-2 |
| esm-apps/xenial | not-affected | 4.0.7-2 |
| esm-infra-legacy/trusty | DNE | trusty/esm was DNE [trusty was not-affected [4.0.7-2]] |
| hardy | DNE | |
| lucid | DNE | |
| oneiric | ignored | end of life |
| precise | ignored | end of life |
| precise/esm | DNE | precise was needed |
| quantal | ignored | end of life |
| raring | not-affected | 4.0.7-2 |
Показывать по
EPSS
3.5 Low
CVSS2
Связанные уязвимости
Request Tracker (RT) 3.8.x before 3.8.15 and 4.0.x before 4.0.8 allows remote authenticated users with ModifySelf or AdminUser privileges to inject arbitrary email headers and conduct phishing attacks or obtain sensitive information via unknown vectors.
Request Tracker (RT) 3.8.x before 3.8.15 and 4.0.x before 4.0.8 allows ...
Request Tracker (RT) 3.8.x before 3.8.15 and 4.0.x before 4.0.8 allows remote authenticated users with ModifySelf or AdminUser privileges to inject arbitrary email headers and conduct phishing attacks or obtain sensitive information via unknown vectors.
EPSS
3.5 Low
CVSS2