Debian Request-Tracker5 vulnerabilities
13 known vulnerabilities affecting debian/request-tracker5.
Total CVEs: 13
CISA KEV: 0
Public exploits: 0
Exploited in wild: 0
Severity breakdown: HIGH 7, MEDIUM 3, LOW 3
Vulnerabilities
CVE-2025-31500 | HIGH | CVSS 7.2 | fixed in request-tracker5 5.0.3+dfsg-3~deb12u3 (bookworm) | 2025
Best Practical RT (Request Tracker) 5.0 through 5.0.7 allows XSS via JavaScript injection in an Asset name.
Scope: local
bookworm: resolved (fixed in 5.0.3+dfsg-3~deb12u3)
forky: resolved (fixed in 5.0.7+dfsg-3)
sid: resolved (fixed in 5.0.7+dfsg-3)
trixie: resolved (fixed in 5.0.7+dfsg-3)
debian
CVE-2025-30087 | HIGH | CVSS 7.2 | fixed in request-tracker4 4.4.6+dfsg-1.1+deb12u2 (bookworm) | 2025
Best Practical RT (Request Tracker) 4.4 through 4.4.7 and 5.0 through 5.0.7 allows XSS via injection of crafted parameters in a search URL.
Scope: local
bookworm: resolved (fixed in 4.4.6+dfsg-1.1+deb12u2)
bullseye: resolved (fixed in 4.4.4+dfsg-2+deb11u4)
sid: open
CVE-2025-31501 | HIGH | CVSS 7.2 | fixed in request-tracker5 5.0.3+dfsg-3~deb12u3 (bookworm) | 2025
Best Practical RT (Request Tracker) 5.0 through 5.0.7 allows XSS via JavaScript injection in an RT permalink.
Scope: local
bookworm: resolved (fixed in 5.0.3+dfsg-3~deb12u3)
forky: resolved (fixed in 5.0.7+dfsg-3)
sid: resolved (fixed in 5.0.7+dfsg-3)
trixie: resolved (fixed in 5.0.7+dfsg-3)
CVE-2025-61873 | LOW | CVSS 2.6 | fixed in request-tracker4 4.4.6+dfsg-1.1+deb12u3 (bookworm) | 2025
Best Practical Request Tracker (RT) before 4.4.9, 5.0.9, and 6.0.2 allows CSV Injection via ticket values when TSV export is used.
Scope: local
bookworm: resolved (fixed in 4.4.6+dfsg-1.1+deb12u3)
bullseye: resolved (fixed in 4.4.4+dfsg-2+deb11u5)
sid: open
CVE-2025-9158 | LOW | CVSS 5.3 | fixed in request-tracker5 5.0.7+dfsg-5 (forky) | 2025
CVE-2025-9158 [MEDIUM] CVE-2025-9158: request-tracker5 - The Request Tracker software is vulnerable to a Stored XSS vulnerability in cale...
The Request Tracker software is vulnerable to a Stored XSS vulnerability in calendar invitation parsing feature, which displays invitation data without HTML sanitization. XSS vulnerability allows an attacker to send a specifically crafted e-mail enabling JavaScript code execution by displaying the ticket in the context of the logged-in user. This vulnerabil
CVE-2025-2545 | LOW | CVSS 2.3 | fixed in request-tracker4 4.4.6+dfsg-1.1+deb12u2 (bookworm) | 2025
Vulnerability in Best Practical Solutions, LLC's Request Tracker prior to v5.0.8, where the Triple DES (3DES) cryptographic algorithm is used to protect emails sent with S/MIME encryption. Triple DES is considered obsolete and insecure due to its susceptibility to birthday attacks, which could compromise the confidentiality of encrypted messages.
Scope: local
CVE-2024-3262 | MEDIUM | CVSS 5.5 | fixed in request-tracker4 4.4.6+dfsg-1.1+deb12u2 (bookworm) | 2024
Information exposure vulnerability in RT software affecting version 4.4.1. This vulnerability allows an attacker with local access to the device to retrieve sensitive information about the application, such as vulnerability tickets, because the application stores the information in the browser cache, leading to information exposure despite session terminati
CVE-2023-45024 | HIGH | CVSS 7.5 | fixed in request-tracker5 5.0.3+dfsg-3~deb12u2 (bookworm) | 2023
Best Practical Request Tracker (RT) 5 before 5.0.5 allows Information Disclosure via a transaction search in the transaction query builder.
Scope: local
bookworm: resolved (fixed in 5.0.3+dfsg-3~deb12u2)
forky: resolved (fixed in 5.0.5+dfsg-1)
sid: resolved (fixed in 5.0.5+dfsg-1)
trixie: resolved (fixed in 5.0.5+dfsg-1)
CVE-2023-41259 | HIGH | CVSS 7.5 | fixed in request-tracker4 4.4.6+dfsg-1.1+deb12u1 (bookworm) | 2023
Best Practical Request Tracker (RT) before 4.4.7 and 5.x before 5.0.5 allows Information Disclosure via fake or spoofed RT email headers in an email message or a mail-gateway REST API call.
Scope: local
bookworm: resolved (fixed in 4.4.6+dfsg-1.1+deb12u1)
bullseye: resolved (fixed in 4.4.4+dfsg-2+deb11u3)
sid: resolved (fixed in 4.4.7+dfsg-1)
CVE-2023-41260 | HIGH | CVSS 7.5 | fixed in request-tracker4 4.4.6+dfsg-1.1+deb12u1 (bookworm) | 2023
Best Practical Request Tracker (RT) before 4.4.7 and 5.x before 5.0.5 allows Information Exposure in responses to mail-gateway REST API calls.
Scope: local
bookworm: resolved (fixed in 4.4.6+dfsg-1.1+deb12u1)
bullseye: resolved (fixed in 4.4.4+dfsg-2+deb11u3)
sid: resolved (fixed in 4.4.7+dfsg-1)
CVE-2022-25802 | MEDIUM | CVSS 6.1 | fixed in request-tracker4 4.4.6+dfsg-1 (bookworm) | 2022
Best Practical Request Tracker (RT) before 4.4.6 and 5.x before 5.0.3 allows XSS via a crafted content type for an attachment.
Scope: local
bookworm: resolved (fixed in 4.4.6+dfsg-1)
bullseye: resolved (fixed in 4.4.4+dfsg-2+deb11u2)
sid: resolved (fixed in 4.4.6+dfsg-1)
CVE-2022-25803 | MEDIUM | CVSS 6.1 | fixed in request-tracker5 5.0.3+dfsg-1 (bookworm) | 2022
Best Practical Request Tracker (RT) before 5.0.3 has an Open Redirect via a ticket search.
Scope: local
bookworm: resolved (fixed in 5.0.3+dfsg-1)
forky: resolved (fixed in 5.0.3+dfsg-1)
sid: resolved (fixed in 5.0.3+dfsg-1)
trixie: resolved (fixed in 5.0.3+dfsg-1)
CVE-2021-38562 | HIGH | CVSS 7.5 | fixed in request-tracker4 4.4.4+dfsg-3 (bookworm) | 2021
Best Practical Request Tracker (RT) 4.2 before 4.2.17, 4.4 before 4.4.5, and 5.0 before 5.0.2 allows sensitive information disclosure via a timing attack against lib/RT/REST2/Middleware/Auth.pm.
Scope: local
bookworm: resolved (fixed in 4.4.4+dfsg-3)
bullseye: resolved (fixed in 4.4.4+dfsg-2+deb11u1)
sid: resolved (fixed in 4.4.4+dfsg-3)