Описание
Best Practical Request Tracker (RT) before 4.4.6 and 5.x before 5.0.3 allows XSS via a crafted content type for an attachment.
| Релиз | Статус | Примечание |
|---|---|---|
| bionic | ignored | end of standard support, was needs-triage |
| devel | not-affected | 4.4.4+dfsg-2ubuntu2 |
| esm-apps/bionic | released | 4.4.2-2ubuntu0.1~esm1 |
| esm-apps/focal | released | 4.4.3-2+deb10u3build0.20.04.1 |
| esm-apps/jammy | released | 4.4.4+dfsg-2ubuntu1.22.04.1 |
| esm-apps/noble | not-affected | 4.4.4+dfsg-2ubuntu2 |
| esm-apps/xenial | ignored | regressions likely |
| focal | released | 4.4.3-2+deb10u3build0.20.04.1 |
| impish | ignored | end of life |
| jammy | released | 4.4.4+dfsg-2ubuntu1.22.04.1 |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| bionic | DNE | |
| devel | not-affected | 5.0.7+dfsg-4 |
| esm-apps/jammy | released | 5.0.1+dfsg-1ubuntu1+esm1 |
| esm-apps/noble | not-affected | 5.0.5+dfsg-2 |
| esm-infra/focal | DNE | |
| focal | DNE | |
| impish | ignored | end of life |
| jammy | needed | |
| kinetic | ignored | end of life, was needs-triage |
| lunar | ignored | end of life, was needs-triage |
Показывать по
6.1 Medium
CVSS3
Связанные уязвимости
Best Practical Request Tracker (RT) before 4.4.6 and 5.x before 5.0.3 allows XSS via a crafted content type for an attachment.
Best Practical Request Tracker (RT) before 4.4.6 and 5.x before 5.0.3 ...
Best Practical Request Tracker (RT) before 4.4.6 and 5.x before 5.0.3 allows XSS via a crafted content type for an attachment.
Уязвимость системы учёта и отслеживания заявок уровня предприятия Request Tracker, существующая из-за непринятия мер по защите структуры веб-страницы, позволяющая нарушителю провести атаку межсайтового скриптинга (XSS)
6.1 Medium
CVSS3