Cross-site scripting (XSS) vulnerability in Best Practical Solutions RT 3.6.x before 3.6.9, 3.8.x before 3.8.5, and other 3.4.6 through 3.8.4 versions allows remote attackers to inject arbitrary web script or HTML via certain Custom Fields.
References
Configurations
Configuration 1 (hide)
|
History
13 Feb 2023, 01:17
Type | Values Removed | Values Added |
---|---|---|
Summary | Cross-site scripting (XSS) vulnerability in Best Practical Solutions RT 3.6.x before 3.6.9, 3.8.x before 3.8.5, and other 3.4.6 through 3.8.4 versions allows remote attackers to inject arbitrary web script or HTML via certain Custom Fields. | |
References |
|
02 Feb 2023, 17:16
Type | Values Removed | Values Added |
---|---|---|
References |
|
|
Summary | CVE-2009-3892 Request Tracker XSS flaw |
Information
Published : 2009-11-17 18:30
Updated : 2023-12-10 10:51
NVD link : CVE-2009-3892
Mitre link : CVE-2009-3892
CVE.ORG link : CVE-2009-3892
JSON object : View
Products Affected
bestpractical
- rt
CWE
CWE-79
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')