Cross-Site Request Forgery in Request Tracker by Best Practical
CVE-2012-4732

Currently unrated

Key Information:

Vendor: Bestpractical
Status: Rt
Vendor: CVE Published:; 11 November 2012

🔔 Create Bestpractical Vulnerability Alert

What is CVE-2012-4732?

A cross-site request forgery vulnerability exists in Request Tracker versions prior to 3.8.15 and 4.0.8, allowing attackers to manipulate authenticated users' actions without their consent. This exploit can lead to unauthorized modification of ticket bookmarks, compromising user accounts and potentially sensitive information.

References

http://lists.bestpractical.com/pipermail/rt-announce/2012...

mailing-listx_refsource_MLIST

http://osvdb.org/86714

vdb-entryx_refsource_OSVDB

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Nov 11, 2012
Vulnerability Reserved
Aug 29, 2012

CVE-2012-4732 Data

JSON