The MobileUI (aka RT-Extension-MobileUI) extension prior to 1.04 in Request Tracker (RT) 4.0.0 prior to 4.0.13, when using the file-based session store (Apache::Session::File) and certain authentication extensions, allows remote malicious users to reuse unauthorized sessions and obtain user preferences and caches via unspecified vectors.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
bestpractical request tracker 4.0.0 |
||
bestpractical request tracker 4.0.6 |
||
bestpractical request tracker 4.0.7 |
||
bestpractical request tracker 4.0.8 |
||
bestpractical request tracker 4.0.9 |
||
bestpractical request tracker 4.0.1 |
||
bestpractical request tracker 4.0.2 |
||
bestpractical request tracker 4.0.4 |
||
bestpractical request tracker 4.0.11 |
||
bestpractical request tracker 4.0.3 |
||
bestpractical request tracker 4.0.5 |
||
bestpractical request tracker 4.0.10 |
||
bestpractical request tracker 4.0.12 |