CVE-2017-5944

HIGH8.8EPSS 2.3%

發布日:2017/7/3修改日:2026/4/28

也稱為:DEBIAN-CVE-2017-5944

描述

The dashboard subscription interface in Request Tracker (RT) 4.x before 4.0.25, 4.2.x before 4.2.14, and 4.4.x before 4.4.2 might allow remote authenticated users with certain privileges to execute arbitrary code via a crafted saved search name.

受影響套件(1)

Debian/request-tracker4from 0, < 4.4.1-4

CVSS 分數

來源	版本	嚴重程度	向量
osv	CVSS 3.1	HIGH8.8	CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

參考連結(1)

ADVISORYhttps://security-tracker.debian.org/tracker/CVE-2017-5944