CVSS: 6.1EPSS: 0%CPEs: 12EXPL: 0CVE-2012-2768
https://notcve.org/view.php?id=CVE-2012-2768
15 Aug 2012 — Multiple cross-site scripting (XSS) vulnerabilities in the topic administration page in the RTFM extension 2.0.4 through 2.4.3 for Best Practical Solutions RT allow remote attackers to inject arbitrary web script or HTML via unspecified vectors. Múltiples vulnerabilidades de ejecución de comandos en sitios cruzados (XSS) en la página de administración de tema en la extensión RTFM v2.0.4 hasta la v2.4.3 para (Best Practical Solutions RT) permite a atacantes remotos inyectar código web o HTML arbitrario a tra... • http://lists.bestpractical.com/pipermail/rt-announce/2012-July/000208.html • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 5.3EPSS: 0%CPEs: 1EXPL: 0CVE-2006-2169
https://notcve.org/view.php?id=CVE-2006-2169
04 May 2006 — RT: Request Tracker 3.5.HEAD allows remote attackers to obtain sensitive information via the Rows parameter in Dist/Display.html, which reveals the installation path in an error message. • http://pridels0.blogspot.com/2006/04/rt-request-tracker-vuln.html •
CVSS: 6.8EPSS: 0%CPEs: 8EXPL: 0CVE-2003-0273
https://notcve.org/view.php?id=CVE-2003-0273
09 May 2003 — Cross-site scripting (XSS) vulnerability in the web interface for Request Tracker (RT) 1.0 through 1.0.7 allows remote attackers to execute script via message bodies. Vulnerabilidad de secuencias de comandos en sitios cruzados en la interfaz web para Request Racker (RT) 1.0 hasta 1.0.7 permite que atacantes remotos ejecuten script mediante cuerpos de mensaje. • http://lists.fsck.com/pipermail/rt-announce/2003-May/000071.html •