Information Disclosure in Best Practical Request Tracker 5
CVE-2023-45024
7.5HIGH
What is CVE-2023-45024?
Best Practical Request Tracker (RT) version 5 prior to 5.0.5 contains a vulnerability that enables information disclosure through an insecure transaction search functionality in the transaction query builder. This flaw can potentially expose sensitive transaction information to unauthorized users, creating a security risk for organizations that rely on this software. Immediate upgrade to the fixed version is recommended to mitigate the risk.