Vulnerabilities > Bestpractical > Request Tracker > 4.4.3

DATE CVE VULNERABILITY TITLE RISK
2023-11-03 CVE-2023-41259 Unspecified vulnerability in Bestpractical Request Tracker
Best Practical Request Tracker (RT) before 4.4.7 and 5.x before 5.0.5 allows Information Disclosure via fake or spoofed RT email headers in an email message or a mail-gateway REST API call.
network
low complexity
bestpractical
7.5
7.5
2023-11-03 CVE-2023-41260 Unspecified vulnerability in Bestpractical Request Tracker
Best Practical Request Tracker (RT) before 4.4.7 and 5.x before 5.0.5 allows Information Exposure in responses to mail-gateway REST API calls.
network
low complexity
bestpractical
7.5
7.5
2021-10-18 CVE-2021-38562 Information Exposure Through Discrepancy vulnerability in multiple products
Best Practical Request Tracker (RT) 4.2 before 4.2.17, 4.4 before 4.4.5, and 5.0 before 5.0.2 allows sensitive information disclosure via a timing attack against lib/RT/REST2/Middleware/Auth.pm.
network
low complexity
bestpractical fedoraproject debian CWE-203
7.5
7.5