Описание
Request Tracker (RT) 3.8.x before 3.8.17 and 4.0.x before 4.0.13 allows remote attackers to inject multiple Content-Disposition HTTP headers and possibly conduct cross-site scripting (XSS) attacks via unspecified vectors.
| Релиз | Статус | Примечание |
|---|---|---|
| devel | DNE | |
| esm-infra-legacy/trusty | DNE | |
| lucid | ignored | end of life |
| precise | ignored | end of life |
| precise/esm | DNE | precise was needed |
| quantal | DNE | |
| raring | DNE | |
| saucy | DNE | |
| trusty | DNE | |
| trusty/esm | DNE |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| devel | not-affected | 4.0.19-1 |
| esm-apps/xenial | not-affected | 4.0.19-1 |
| esm-infra-legacy/trusty | DNE | trusty/esm was DNE [trusty was not-affected [4.0.19-1]] |
| lucid | DNE | |
| precise | ignored | end of life |
| precise/esm | DNE | precise was needed |
| quantal | ignored | end of life |
| raring | ignored | end of life |
| saucy | not-affected | 4.0.13-1 |
| trusty | not-affected | 4.0.19-1 |
Показывать по
EPSS
4.3 Medium
CVSS2
Связанные уязвимости
Request Tracker (RT) 3.8.x before 3.8.17 and 4.0.x before 4.0.13 allows remote attackers to inject multiple Content-Disposition HTTP headers and possibly conduct cross-site scripting (XSS) attacks via unspecified vectors.
Request Tracker (RT) 3.8.x before 3.8.17 and 4.0.x before 4.0.13 allow ...
Request Tracker (RT) 3.8.x before 3.8.17 and 4.0.x before 4.0.13 allows remote attackers to inject multiple Content-Disposition HTTP headers and possibly conduct cross-site scripting (XSS) attacks via unspecified vectors.
EPSS
4.3 Medium
CVSS2