logo

Database

Server side cross-site scripting In request-tracker4

Description

Best Practical Request Tracker (RT) before 4.4.6 and 5.x before 5.0.3 allows XSS via a crafted content type for an attachment.

Mitigation

Update Impact

Minimal update. May introduce new vulnerabilities or breaking changes.

Ecosystem
Package
Affected version
Patched versions

Aliases

1. CVE-2022-258022. NVD-2022-258023. OSV-DEBIAN-2022-258024. OSV-2022-258025. SECURITY-TRACKER-CVE-2022-25802

Does your application use this vulnerable software?

During the free trial, our tools assess your application, identify vulnerabilities, and provide recommendations for their remediation.

FLAT-XTU3H – Vulnerability | Fluid Attacks Database