Cross-site request forgery (CSRF) vulnerability in Request Tracker (RT) 3.8.12 and other versions prior to 3.8.15, and 4.0.6 and other versions prior to 4.0.8, allows remote malicious users to hijack the authentication of users for requests that toggle ticket bookmarks.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
bestpractical rt 3.8.14 |
||
bestpractical rt 3.8.13 |
||
bestpractical rt 3.8.12 |
||
bestpractical rt 4.0.6 |
||
bestpractical rt 4.0.7 |
||
bestpractical rt 4.0.8 |