CRLF injection vulnerability in Request Tracker (RT) 3.8.x prior to 3.8.17 and 4.0.x prior to 4.0.13 allows remote malicious users to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via a MIME header.
| Vulnerable Product | Search on Vulmon | Subscribe to Product |
|---|---|---|
bestpractical rt 4.0.0 |
||
bestpractical rt 4.0.1 |
||
bestpractical rt 4.0.3 |
||
bestpractical rt 4.0.4 |
||
bestpractical rt 4.0.8 |
||
bestpractical rt 4.0.12 |
||
bestpractical rt 4.0.11 |
||
bestpractical rt 4.0.10 |
||
bestpractical rt 4.0.2 |
||
bestpractical rt 4.0.5 |
||
bestpractical rt 4.0.6 |
||
bestpractical rt 4.0.7 |
||
bestpractical rt 4.0.9 |
||
bestpractical rt 3.8.0 |
||
bestpractical rt 3.8.1 |
||
bestpractical rt 3.8.10 |
||
bestpractical rt 3.8.11 |
||
bestpractical rt 3.8.14 |
||
bestpractical rt 3.8.15 |
||
bestpractical rt 3.8.3 |
||
bestpractical rt 3.8.4 |
||
bestpractical rt 3.8.8 |
||
bestpractical rt 3.8.16 |
||
bestpractical rt 3.8.12 |
||
bestpractical rt 3.8.13 |
||
bestpractical rt 3.8.5 |
||
bestpractical rt 3.8.6 |
||
bestpractical rt 3.8.7 |
||
bestpractical rt 3.8.2 |
||
bestpractical rt 3.8.9 |
Vulmon