Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
4.3
CVSSv2

CVE-2012-2768

Published: 15/08/2012 Updated: 29/08/2017
CVSS v2 Base Score: 4.3 | Impact Score: 2.9 | Exploitability Score: 8.6
VMScore: 383
Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N
Subscribe to Best Practical Solutions

Vulnerability Summary

Multiple cross-site scripting (XSS) vulnerabilities in the topic administration page in the RTFM extension 2.0.4 up to and including 2.4.3 for Best Practical Solutions RT allow remote malicious users to inject arbitrary web script or HTML via unspecified vectors.

Vulnerable Product Search on Vulmon Subscribe to Product

best practical solutions request tracker 2.0.6

best practical solutions request tracker 2.0.7

best practical solutions request tracker 2.4.3

best practical solutions request tracker 2.0.8

best practical solutions request tracker 2.0.9

best practical solutions request tracker 2.0.11

best practical solutions request tracker 2.0.12

best practical solutions request tracker 2.0.13

best practical solutions request tracker 2.0.4

best practical solutions request tracker 2.0.5

best practical solutions request tracker 2.0.14

best practical solutions request tracker 2.0.15

Vendor Advisories

Debian CVElist Bug Report Logs: rt3.8-rtfm: multiple XSS vulnerabilities in RTFM
Debian Bug report logs - #683290 rt38-rtfm: multiple XSS vulnerabilities in RTFM Package: rt38-rtfm; Maintainer for rt38-rtfm is (unknown); Reported by: Yves-Alexis Perez <corsac@debianorg> Date: Mon, 30 Jul 2012 15:09:04 UTC Severity: important Fixed in version rtfm/242-4+squeeze1 Done: Dominic Hargreaves <dom ...
Debian Security Advisories: DSA-2535-1 rtfm -- cross-site scripting
It was discovered that rtfm, the Request Tracker FAQ Manager, contains multiple cross-site scripting vulnerabilities in the topic administration page For the stable distribution (squeeze), this problem has been fixed in version 242-4+squeeze1 For the testing distribution (wheezy) and the unstable distribution (sid), this problem has been fixed ...

References

CWE-79http://www.securityfocus.com/bid/54689http://secunia.com/advisories/50024http://lists.bestpractical.com/pipermail/rt-announce/2012-July/000208.htmlhttp://secunia.com/advisories/50440https://exchange.xforce.ibmcloud.com/vulnerabilities/77212https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=683290https://nvd.nist.govhttps://www.debian.org/security/./dsa-2535
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-47626CVE-2024-3400physicalCVE-2024-31426CVE-2024-22423CVE-2024-22438injectlocal usersCVE-2024-3797
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook