Best Practical Request Tracker (RT) 4.2 prior to 4.2.17, 4.4 prior to 4.4.5, and 5.0 prior to 5.0.2 allows sensitive information disclosure via a timing attack against lib/RT/REST2/Middleware/Auth.pm.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
bestpractical request tracker |
||
fedoraproject fedora 35 |
||
debian debian linux 9.0 |