CVE-2017-5944
N/A
N/A
Summary
The dashboard subscription interface in Request Tracker (RT) 4.x before 4.0.25, 4.2.x before 4.2.14, and 4.4.x before 4.4.2 might allow remote authenticated users with certain privileges to execute arbitrary code via a crafted saved search name.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| n/a | n/a | n/a | affected |
Weaknesses
- n/a
ADP Enrichment
CVE Program Container
Additional References
- https://forum.bestpractical.com/t/security-vulnerabilities-in-rt-2017-06-15/32016
- http://www.securityfocus.com/bid/99381
- http://www.debian.org/security/2017/dsa-3882
References
- https://forum.bestpractical.com/t/security-vulnerabilities-in-rt-2017-06-15/32016
- http://www.securityfocus.com/bid/99381
- http://www.debian.org/security/2017/dsa-3882
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.