Request Tracker Vulnerability Enabling Cross-Site Scripting Attacks
CVE-2013-3372
Currently unrated
What is CVE-2013-3372?
A security flaw in Request Tracker versions prior to 3.8.17 and 4.0.13 allows remote attackers to inject multiple Content-Disposition HTTP headers. This vulnerability can potentially lead to cross-site scripting (XSS) attacks, where attackers exploit the web application's inadequate input validation to execute malicious scripts. Users of affected versions are strongly advised to upgrade to the latest versions to mitigate these risks.