6.8
CVSSv2

CVE-2017-5943

Published: 03/07/2017 Updated: 07/07/2017
CVSS v2 Base Score: 6.8 | Impact Score: 6.4 | Exploitability Score: 8.6
CVSS v3 Base Score: 8.8 | Impact Score: 5.9 | Exploitability Score: 2.8
VMScore: 605
Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P

Vulnerability Summary

Request Tracker (RT) 4.x prior to 4.0.25, 4.2.x prior to 4.2.14, and 4.4.x prior to 4.4.2 allows remote malicious users to obtain sensitive information about cross-site request forgery (CSRF) verification tokens via a crafted URL.

Most Upvoted Vulmon Research Post

There is no Researcher post for this vulnerability
Would you like to share something about it? Sign up now to share your knowledge with the community.
Vulnerable Product Search on Vulmon Subscribe to Product

bestpractical request tracker 4.0.0

bestpractical request tracker 4.0.1

bestpractical request tracker 4.0.2

bestpractical request tracker 4.0.3

bestpractical request tracker 4.0.4

bestpractical request tracker 4.0.5

bestpractical request tracker 4.0.6

bestpractical request tracker 4.0.7

bestpractical request tracker 4.0.8

bestpractical request tracker 4.0.9

bestpractical request tracker 4.0.10

bestpractical request tracker 4.0.11

bestpractical request tracker 4.0.12

bestpractical request tracker 4.0.13

bestpractical request tracker 4.0.14

bestpractical request tracker 4.0.15

bestpractical request tracker 4.0.16

bestpractical request tracker 4.0.17

bestpractical request tracker 4.0.18

bestpractical request tracker 4.0.19

bestpractical request tracker 4.0.20

bestpractical request tracker 4.0.21

bestpractical request tracker 4.0.22

bestpractical request tracker 4.0.23

bestpractical request tracker 4.0.24

bestpractical request tracker 4.2.0

bestpractical request tracker 4.2.1

bestpractical request tracker 4.2.2

bestpractical request tracker 4.2.3

bestpractical request tracker 4.2.4

bestpractical request tracker 4.2.5

bestpractical request tracker 4.2.6

bestpractical request tracker 4.2.7

bestpractical request tracker 4.2.8

bestpractical request tracker 4.2.9

bestpractical request tracker 4.2.10

bestpractical request tracker 4.2.11

bestpractical request tracker 4.2.12

bestpractical request tracker 4.2.13

bestpractical request tracker 4.4.0

bestpractical request tracker 4.4.1

Vendor Advisories

Multiple vulnerabilities have been discovered in Request Tracker, an extensible trouble-ticket tracking system The Common Vulnerabilities and Exposures project identifies the following problems: CVE-2016-6127 It was discovered that Request Tracker is vulnerable to a cross-site scripting (XSS) attack if an attacker uploads a malicious file ...