Best Practical Request Tracker (RT) before 4.4.7 and 5.x before 5.0.5 allows Information Disclosure via fake or spoofed RT email headers in an email message or a mail-gateway REST API call.
References
Link | Resource |
---|---|
https://docs.bestpractical.com/release-notes/rt/4.4.7 | Release Notes Vendor Advisory |
https://docs.bestpractical.com/release-notes/rt/5.0.5 | Release Notes Vendor Advisory |
https://docs.bestpractical.com/release-notes/rt/index.html | Release Notes Vendor Advisory |
Configurations
Configuration 1 (hide)
|
History
05 Sep 2024, 15:35
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2023-11-03 05:15
Updated : 2024-09-05 15:35
NVD link : CVE-2023-41259
Mitre link : CVE-2023-41259
CVE.ORG link : CVE-2023-41259
JSON object : View
Products Affected
bestpractical
- request_tracker
CWE