← back
CVE-2017-5944

CVE-2017-5944

EPSS 2.8%
The dashboard subscription interface in Request Tracker (RT) 4.x before 4.0.25, 4.2.x before 4.2.14, and 4.4.x before 4.4.2 might allow remote authenticated users with certain privileges to execute arbitrary code via a crafted saved search name.
Affected products
n/a · n/a

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://forum.bestpractical.com/t/security-vulnerabilities-in-rt-2017-06-15/32016http://www.debian.org/security/2017/dsa-3882http://www.securityfocus.com/bid/99381