CVE-2012-4730

EPSS 0.18%

request-tracker3.8 - several

Published: 11/11/2012Modified: 4/28/2026

Description

Request Tracker (RT) 3.8.x before 3.8.15 and 4.0.x before 4.0.8 allows remote authenticated users with ModifySelf or AdminUser privileges to inject arbitrary email headers and conduct phishing attacks or obtain sensitive information via unknown vectors.

Affected packages (2)

Debian/request-tracker3.8from 0, < 3.8.8-7+squeeze6
Debian/request-tracker4from 0, < 4.0.7-2

References (1)

ADVISORYhttps://security-tracker.debian.org/tracker/CVE-2012-4730