Description
Request Tracker is vulnerable to a reflected cross-site scripting (XSS) vulnerability via the "Page" parameter in GET requests. An attacker can craft a URL that, when opened, results in arbitrary JavaScript execution in the victim’s browser. This vulnerability affects versions from 5.0.4 up to 5.0.9 and from 6.0.0 up to 6.0.2.
Mitigation
Minimal update. May introduce new vulnerabilities or breaking changes.
|
 debian 14 | | =5.0.7+dfsg-4 || =5.0.7+dfsg-5 || =5.0.7+dfsg-6 || =5.0.9+dfsg-1 || =5.0.9+dfsg-2 || =5.0.9+dfsg-3 || =5.0.9+dfsg-4 || >=0 <5.0.10+dfsg-1 | 5.0.10+dfsg-1 |
debian 11 | | =4.4.4+dfsg-2 || =4.4.4+dfsg-2+deb11u1 || =4.4.4+dfsg-2+deb11u2 || =4.4.4+dfsg-2+deb11u3 || =4.4.4+dfsg-2+deb11u4 || =4.4.4+dfsg-2+deb11u5 || =4.4.4+dfsg-3 || =4.4.5+dfsg-1 || =4.4.6+dfsg-1 || =4.4.6+dfsg-1.1 || =4.4.6+dfsg-2 || =4.4.7+dfsg-1 || =4.4.7+dfsg-1.1 || =4.4.7+dfsg-2 || =4.4.7+dfsg-3 || =4.4.7+dfsg-4 | - |
debian 12 | | =5.0.10+dfsg-1 || =5.0.3+dfsg-2 || =5.0.3+dfsg-3 || =5.0.3+dfsg-3~deb12u1 || =5.0.3+dfsg-3~deb12u2 || =5.0.3+dfsg-3~deb12u3 || =5.0.3+dfsg-3~deb12u4 || =5.0.3+dfsg-3~deb12u5 || =5.0.4+dfsg-1 || =5.0.4+dfsg-2 || =5.0.5+dfsg-1 || =5.0.5+dfsg-2 || =5.0.7+dfsg-1 || =5.0.7+dfsg-2 || =5.0.7+dfsg-3 || =5.0.7+dfsg-4 || =5.0.7+dfsg-5 || =5.0.7+dfsg-6 || =5.0.9+dfsg-1 || =5.0.9+dfsg-2 || =5.0.9+dfsg-3 || =5.0.9+dfsg-4 | - |
debian 13 | | =5.0.10+dfsg-1 || =5.0.7+dfsg-4 || =5.0.7+dfsg-4+deb13u1 || =5.0.7+dfsg-4+deb13u2 || =5.0.7+dfsg-5 || =5.0.7+dfsg-6 || =5.0.9+dfsg-1 || =5.0.9+dfsg-2 || =5.0.9+dfsg-3 || =5.0.9+dfsg-4 | - |
debian 12 | | =4.4.6+dfsg-1.1 || =4.4.6+dfsg-1.1+deb12u1 || =4.4.6+dfsg-1.1+deb12u2 || =4.4.6+dfsg-1.1+deb12u3 || =4.4.6+dfsg-2 || =4.4.7+dfsg-1 || =4.4.7+dfsg-1.1 || =4.4.7+dfsg-2 || =4.4.7+dfsg-3 || =4.4.7+dfsg-4 | - |
