Read Time:23 Second
Multiple vulnerabilities have been discovered in Request Tracker, an
extensible trouble-ticket tracking system.
CVE-2023-41259
Tom Wolters reported that Request Tracker is vulnerable to accepting
unvalidated RT email headers in incoming email and the mail-gateway
REST interface.
CVE-2023-41260
Tom Wolters reported that Request Tracker is vulnerable to
information leakage via response messages returned from requests
sent via the mail-gateway REST interface.