Best Practical Request Tracker vulnerabilities

1 known vulnerability affecting best_practical/request_tracker.

Total CVEs
1
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
MEDIUM1

Vulnerabilities

Page 1 of 1
CVE-2025-9158MEDIUMCVSS 5.3≥ 5.0.4, ≤ 5.0.8≥ 6.0.0, ≤ 6.0.12025-10-24
CVE-2025-9158 [MEDIUM] CWE-79 CVE-2025-9158: The Request Tracker software is vulnerable to a Stored XSS vulnerability in calendar invitation pars The Request Tracker software is vulnerable to a Stored XSS vulnerability in calendar invitation parsing feature, which displays invitation data without HTML sanitization. XSS vulnerability allows an attacker to send a specifically crafted e-mail enabling JavaScript code execution by displaying the ticket in the context of the logged-in user. This vuln
nvd