CVE-2015-1165

RT <4.0.23, <4.2.10 - Info Disclosure

Title source: llm
STIX 2.1

Description

RT (aka Request Tracker) 3.8.8 through 4.x before 4.0.23 and 4.2.x before 4.2.10 allows remote attackers to obtain sensitive RSS feed URLs and ticket data via unspecified vectors.

References (4)

Core 4
Core References
Third Party Advisory vendor-advisory x_refsource_debian
http://www.debian.org/security/2015/dsa-3176
Mailing List, Third Party Advisory vendor-advisory x_refsource_fedora
http://lists.fedoraproject.org/pipermail/package-announce/2015-March/154047.html
Mailing List, Third Party Advisory vendor-advisory x_refsource_fedora
http://lists.fedoraproject.org/pipermail/package-announce/2015-April/154213.html

Scores

EPSS 0.0212
EPSS Percentile 79.6%

Details

CWE
CWE-200
Status published
Products (46)
bestpractical/request_tracker 3.8.8
bestpractical/request_tracker 3.8.9
bestpractical/request_tracker 3.8.10
bestpractical/request_tracker 3.8.11
bestpractical/request_tracker 3.8.12
bestpractical/request_tracker 3.8.13
bestpractical/request_tracker 3.8.14
bestpractical/request_tracker 3.8.15
bestpractical/request_tracker 3.8.16
bestpractical/request_tracker 3.8.17
... and 36 more
Published Mar 09, 2015
Tracked Since Feb 18, 2026