CVE-2023-41260

Source
https://cve.org/CVERecord?id=CVE-2023-41260
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2023-41260.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2023-41260
Downstream
Published
2023-11-03T00:00:00Z
Modified
2026-07-08T07:08:22.316933030Z
Summary
[none]
Details

Best Practical Request Tracker (RT) before 4.4.7 and 5.x before 5.0.5 allows Information Exposure in responses to mail-gateway REST API calls.

Database specific
{
    "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2023/41xxx/CVE-2023-41260.json",
    "cna_assigner": "mitre",
    "unresolved_ranges": [
        {
            "extracted_events": [
                {
                    "fixed": "4.4.7"
                },
                {
                    "introduced": "5.x"
                },
                {
                    "fixed": "5.0.5"
                }
            ],
            "source": "DESCRIPTION"
        }
    ]
}
References

Affected packages

Git / github.com/bestpractical/rt

Affected ranges

Type
GIT
Repo
https://github.com/bestpractical/rt
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Fixed
Introduced
Fixed
Database specific
{
    "cpe": "cpe:2.3:a:bestpractical:request_tracker:*:*:*:*:*:*:*:*",
    "extracted_events": [
        {
            "introduced": "0"
        },
        {
            "fixed": "4.4.7"
        },
        {
            "introduced": "5.0.0"
        },
        {
            "fixed": "5.0.5"
        }
    ],
    "source": "CPE_RANGE"
}

Affected versions

rt-0.*
rt-0.9.10
rt-0.9.11
rt-0.9.12
rt-0.9.13
rt-0.9.14
rt-0.9.15
rt-0.9.16
rt-0.9.17
rt-0.9.18
rt-0.9.19
rt-0.9.20
rt-0.99.1
rt-0.99.2
rt-0.99.3
rt-0.99.4
rt-0.99.4pre1
rt-0.99.5
rt-0.99.5pre1
rt-0.99.6
rt-0.99.6pre1
rt-0.99.6pre4
rt-0.99.6pre5
rt-0.99.6pre6
rt-0.99.7
rt-0.99.8
rt-0.99.8pre1
rt-0.99.8pre2
rt-0.99.8pre3
rt-0.99.8pre4
rt-0.99.8pre5
rt-0.99.8pre8
rt-0.99.8pre9
rt-1.*
rt-1.1.1
rt-1.1.10
rt-1.1.2
rt-1.1.3broken
rt-1.1.4pre
rt-1.1.5
rt-1.1.6
rt-1.1.7
rt-1.1.8
rt-1.1.9
rt-1.1pre.1
rt-1.3.0
rt-1.3.10
rt-1.3.100
rt-1.3.101
rt-1.3.102
rt-1.3.103
rt-1.3.103.private.pretest
rt-1.3.104
rt-1.3.105
rt-1.3.106
rt-1.3.11
rt-1.3.12
rt-1.3.13
rt-1.3.15
rt-1.3.16
rt-1.3.17
rt-1.3.18
rt-1.3.19
rt-1.3.20
rt-1.3.21
rt-1.3.22
rt-1.3.23
rt-1.3.24
rt-1.3.25
rt-1.3.26
rt-1.3.27
rt-1.3.28
rt-1.3.29
rt-1.3.30
rt-1.3.31
rt-1.3.32
rt-1.3.33
rt-1.3.34
rt-1.3.35
rt-1.3.36
rt-1.3.37
rt-1.3.38
rt-1.3.39
rt-1.3.40
rt-1.3.41
rt-1.3.42
rt-1.3.43
rt-1.3.44
rt-1.3.45
rt-1.3.46
rt-1.3.47
rt-1.3.48
rt-1.3.49
rt-1.3.49_01
rt-1.3.50
rt-1.3.51
rt-1.3.52
rt-1.3.53
rt-1.3.54
rt-1.3.55
rt-1.3.56
rt-1.3.57
rt-1.3.58
rt-1.3.59
rt-1.3.6
rt-1.3.60
rt-1.3.61
rt-1.3.62
rt-1.3.63
rt-1.3.64
rt-1.3.65
rt-1.3.66
rt-1.3.67
rt-1.3.68
rt-1.3.68_01
rt-1.3.68_02
rt-1.3.69
rt-1.3.7
rt-1.3.70
rt-1.3.71
rt-1.3.72
rt-1.3.73
rt-1.3.74
rt-1.3.75
rt-1.3.77
rt-1.3.78
rt-1.3.79
rt-1.3.79.test1
rt-1.3.8
rt-1.3.80
rt-1.3.81
rt-1.3.82
rt-1.3.83
rt-1.3.84
rt-1.3.85
rt-1.3.86
rt-1.3.87
rt-1.3.88
rt-1.3.89
rt-1.3.9
rt-1.3.90
rt-1.3.91
rt-1.3.92
rt-1.3.93
rt-1.3.94
rt-1.3.95
rt-1.3.95.test1
rt-1.3.95.test2
rt-1.3.96
rt-1.3.97
rt-1.3.98
rt-1.3.99
rt-1.pre1.2
rt-2.*
rt-2.0.0
rt-2.0.0.rc1
rt-2.0.0.rc2
rt-2.0.0.rc3
rt-2.0.1
rt-2.0.1.test1
rt-2.0.1.test2
rt-2.0.1.test3
rt-2.0.1.test4
rt-2.0.10
rt-2.0.10.test1
rt-2.0.10.test2
rt-2.0.10.test3
rt-2.0.10.test4
rt-2.0.11
rt-2.0.11pre1
rt-2.0.12.pre1
rt-2.0.12.pre2
rt-2.0.12.pre3
rt-2.0.2
rt-2.0.2test1
rt-2.0.2test2
rt-2.0.2test3
rt-2.0.3
rt-2.0.4
rt-2.0.5
rt-2.0.5.test1
rt-2.0.5.test2
rt-2.0.5.test3
rt-2.0.6
rt-2.0.6.pre1
rt-2.0.6.pre3
rt-2.0.6.pre4
rt-2.0.6.pre5
rt-2.0.6.pre6
rt-2.0.6.pre7
rt-2.0.7
rt-2.0.7pre1
rt-2.0.8
rt-2.0.8_01
rt-2.0.8pre1
rt-2.0.8pre2
rt-2.0.8pre3
rt-2.0.9
rt-2.0.9pre1
rt-2.0.9pre3
rt-2.0.9pre4
rt-2.0.9pre5
rt-2.0.9pre6
rt-2.0.9pre7
rt-2.0.9pre8
rt-2.0.9pre9
rt-2.1.1
rt-2.1.10
rt-2.1.11
rt-2.1.12
rt-2.1.13
rt-2.1.14
rt-2.1.15
rt-2.1.16
rt-2.1.17
rt-2.1.18
rt-2.1.19
rt-2.1.20
rt-2.1.21
rt-2.1.22
rt-2.1.23
rt-2.1.24
rt-2.1.25
rt-2.1.26
rt-2.1.27
rt-2.1.28
rt-2.1.29
rt-2.1.3
rt-2.1.30
rt-2.1.31
rt-2.1.32
rt-2.1.33
rt-2.1.34
rt-2.1.35
rt-2.1.36
rt-2.1.37
rt-2.1.38
rt-2.1.39
rt-2.1.4
rt-2.1.41
rt-2.1.42
rt-2.1.43
rt-2.1.44
rt-2.1.45
rt-2.1.46
rt-2.1.47
rt-2.1.48
rt-2.1.49
rt-2.1.5
rt-2.1.50
rt-2.1.51
rt-2.1.52
rt-2.1.53
rt-2.1.54
rt-2.1.55
rt-2.1.56
rt-2.1.57
rt-2.1.58
rt-2.1.59
rt-2.1.6
rt-2.1.60
rt-2.1.61
rt-2.1.62
rt-2.1.63
rt-2.1.64
rt-2.1.66
rt-2.1.67
rt-2.1.68
rt-2.1.69
rt-2.1.7
rt-2.1.70
rt-2.1.71
rt-2.1.72
rt-2.1.73
rt-2.1.74
rt-2.1.75
rt-2.1.76
rt-2.1.77
rt-2.1.78
rt-2.1.79
rt-2.1.8
rt-2.1.80
rt-2.1.81
rt-2.1.82
rt-2.1.83
rt-2.1.84
rt-2.1.85
rt-2.1.86
rt-2.1.87
rt-2.1.87777777
rt-2.1.88
rt-2.1.9
rt-3.*
rt-3.0.0
rt-3.0.0rc0
rt-3.0.0rc1
rt-3.0.0rc2
rt-3.0.0rc3
rt-3.0.0rc4
rt-3.0.1
rt-3.0.1pre1
rt-3.0.1pre2
rt-3.0.2
rt-3.0.2pre1
rt-3.0.2pre2
rt-3.0.2pre3
rt-3.0.2pre4
rt-3.0.2pre5
rt-3.0.2pre6
rt-3.0.3
rt-3.0.3pre1
rt-3.0.3pre2
rt-3.0.3pre3
rt-3.0.3pre4
rt-3.0.3pre5
rt-3.0.3rc1
rt-3.0.3rc2
rt-3.0.3rc3
rt-3.0.3rc4
rt-3.0.4
rt-3.0.4pre1
rt-3.0.4rc1
rt-3.0.4rc2
rt-3.0.5
rt-3.0.5pre1
rt-3.0.5pre2
rt-3.0.5pre3
rt-3.0.5pre4
rt-3.0.5pre5
rt-3.0.5pre6
rt-3.0.5rc1
rt-3.0.6
rt-3.0.6rc1
rt-3.0.7
rt-3.0.7_01
rt-3.0.7pre1
rt-3.0.7pre2
rt-3.0.7pre3
rt-3.0.7rc1
rt-3.0.8
rt-3.0.8pre1
rt-3.0.8pre2
rt-3.0.8rc1
rt-3.1.2
rt-3.3.2
rt-3.3.3
rt-3.3.4
rt-3.5.1
rt-3.5.2
rt-3.5.3
rt-3.5.4
rt-3.5.5
rt-3.7.1
rt-3.7.15
rt-3.7.85
rt-3.7.86
rt-3.8.0rc1
rt-3.8.8rc1
rt-3.9.4
rt-3.9.5
rt-3.9.6
rt-3.9.7
rt-4.*
rt-4.1.13
rt-4.1.17
rt-4.1.19
rt-4.1.23
rt-4.1.5
rt-4.1.6
rt-4.1.7
rt-4.1.8
rt-4.4.0rc1
rt-4.4.0rc2
rt-4.4.6beta1
rt-4.4.7beta1
rt-4.6.0-pre1
rt-5.*
rt-5.0.0alpha1
rt-5.0.0beta1
rt-5.0.5beta1

Database specific

source
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2023-41260.json"