Vulnerabilities > Bestpractical > Request Tracker FOR Incident Response > Critical
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-07-14 | CVE-2022-25801 | Server-Side Request Forgery (SSRF) vulnerability in Bestpractical Request Tracker for Incident Response Best Practical RT for Incident Response (RTIR) before 4.0.3 and 5.x before 5.0.3 allows SSRF via Scripted Action tools. | 9.1 |
| 2022-07-14 | CVE-2022-25800 | Server-Side Request Forgery (SSRF) vulnerability in Bestpractical Request Tracker for Incident Response Best Practical RT for Incident Response (RTIR) before 4.0.3 and 5.x before 5.0.3 allows SSRF via the whois lookup tool. | 9.1 |