NVD

Id
26620  
Name
CVE-2015-5475  
Description
Multiple cross-site scripting (XSS) vulnerabilities in Request Tracker (RT) 4.x before 4.2.12 allow remote attackers to inject arbitrary web script or HTML via vectors related to the (1) user and (2) group rights management pages.  
Reject
 
CVSS Version
2  
CVSS Score
4.3  
Severity
Medium  
CVSS Base Score
4.3  
CVSS Impact Subscore
2.9  
CVSS Exploit Subscore
8.6  
CVSS Vector
(AV:N/AC:M/Au:N/C:N/I:P/A:N)  
Pub Date
2017-01-19  
Published
2015-08-14  
Modified Date
2016-12-21  
Seq
2015-5475  

Actions

Related NVD References

Id NVD Id NVD No. Reference Actions
140823 26620 CVE-2015-5475 http://blog.bestpractical.com/2015/08/security-vulnerabilities-in-rt.html  View
140824 26620 CVE-2015-5475 FEDORA-2015-13641  View
140825 26620 CVE-2015-5475 FEDORA-2015-13718  View
140826 26620 CVE-2015-5475 FEDORA-2015-13664  View
140827 26620 CVE-2015-5475 DSA-3335  View
140828 26620 CVE-2015-5475 76364  View
140829 26620 CVE-2015-5475 https://bestpractical.com/release-notes/rt/4.2.12  View

Related JVN

Id Name Title Summary Cveinfo Name Cveinfo Id Nvdinfo Name Nvdinfo Id Cvssv2 Cvssv3 Jvnurl Published Date Last Updated Date Actions
8862 JVNDB-2015-004182 Request Tracker におけるクロスサイトスクリプティングの脆弱性 Request Tracker (RT) には、クロスサイトスクリプティングの脆弱性が存在します。 CVE-2015-5475 82700 CVE-2015-5475 26620 4.3 http://jvndb.jvn.jp/ja/contents/2015/JVNDB-2015-004182.html 2015-08-12 2015-08-19 View