FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

Request Tracker -- multiple vulnerabilities

Affected packages
rt44 < 4.4.6
rt50 < 5.0.4

Details

VuXML ID e14b9870-62a4-11ee-897b-000bab9f87f1
Discovery 2023-10-18
Entry 2023-10-18

Request Tracker reports:

CVE-2023-41259 SECURITY: RT is vulnerable to unvalidated email headers in incoming email and the mail-gateway REST interface.

CVE-2023-41260 SECURITY: RT is vulnerable to information leakage via response messages returned from requests sent via the mail-gateway REST interface.

CVE-2023-45024 SECURITY: RT 5.0 is vulnerable to information leakage via transaction searches made by authenticated users in the transaction query builder.

References

CVE Name CVE-2023-41259
CVE Name CVE-2023-41260
CVE Name CVE-2023-45024
URL https://bestpractical.com/request-tracker/

Copyright © 2003-2005 Jacques Vidrine and contributors.
Please see the source of this document for full copyright information.