UBUNTU-CVE-2015-5475
- Source
- https://ubuntu.com/security/CVE-2015-5475
- Import Source
- https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2015/UBUNTU-CVE-2015-5475.json
- JSON Data
- https://api.osv.dev/v1/vulns/UBUNTU-CVE-2015-5475
- Related
- Published
- 2015-08-14T18:59:00Z
- Modified
- 2025-01-13T10:21:10Z
- Summary
- [none]
- Details
-
Multiple cross-site scripting (XSS) vulnerabilities in Request Tracker (RT) 4.x before 4.2.12 allow remote attackers to inject arbitrary web script or HTML via vectors related to the (1) user and (2) group rights management pages.
- References
Affected packages
Ubuntu:16.04:LTS / request-tracker4
Package
- Name
- request-tracker4
- Purl
- pkg:deb/ubuntu/request-tracker4@4.2.11-2?arch=source&distro=xenial
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed4.2.11-2
Ecosystem specific
{
"availability": "No subscription required",
"ubuntu_priority": "medium",
"binaries": [
{
"binary_version": "4.2.11-2",
"binary_name": "request-tracker4"
},
{
"binary_version": "4.2.11-2",
"binary_name": "rt4-apache2"
},
{
"binary_version": "4.2.11-2",
"binary_name": "rt4-clients"
},
{
"binary_version": "4.2.11-2",
"binary_name": "rt4-db-mysql"
},
{
"binary_version": "4.2.11-2",
"binary_name": "rt4-db-postgresql"
},
{
"binary_version": "4.2.11-2",
"binary_name": "rt4-db-sqlite"
},
{
"binary_version": "4.2.11-2",
"binary_name": "rt4-doc-html"
},
{
"binary_version": "4.2.11-2",
"binary_name": "rt4-fcgi"
},
{
"binary_version": "4.2.11-2",
"binary_name": "rt4-standalone"
}
]
}