Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2003-0273

Overview

Vulnerability Score 6.8 6.8
CVE Id CVE-2003-0273
Last Modified 10 Sep 2008 03:18:31
Published 27 May 2003 12:00:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE

CVE-2003-0273

Summary

Cross-site scripting (XSS) vulnerability in the web interface for Request Tracker (RT) 1.0 through 1.0.7 allows remote attackers to execute script via message bodies.

Vulnerable Systems

Application

  • Best Practical Solutions Request Tracker 1.0.0

  • Best Practical Solutions Request Tracker 1.0.1

  • Best Practical Solutions Request Tracker 1.0.2

  • Best Practical Solutions Request Tracker 1.0.3

  • Best Practical Solutions Request Tracker 1.0.4

  • Best Practical Solutions Request Tracker 1.0.5

  • Best Practical Solutions Request Tracker 1.0.6

  • Best Practical Solutions Request Tracker 1.0.7


References

CONFIRM - http://lists.fsck.com/pipermail/rt-announce/2003-May/000071.html

BUGTRAQ - 20030508 Fw: [rt-users] [rt-announce] RT 1.0.7 vulnerable to Cross Site Scripting attacks


Last Updated: 27 May 2016 10:37:50