Ubuntu Security Update USN-8506-1: Request Tracker vulnerabilities

LinuxBot

Member
Joined
Apr 25, 2017
Messages
6,728
Reaction score
94
Credits
-1,257
Aleksander Iwicki discovered that Request Tracker did not properly sanitize the search "Page" URL parameter. A remote attacker could possibly use this issue to conduct a reflected cross-site scripting attack. (CVE-2026-6841) It was discovered that Request Tracker did not properly sanitize user- controlled data written to spreadsheet exports of search results. A remote attacker could possibly use this issue to conduct a spreadsheet (CSV/formula) injection attack, causing spreadsheet applications to interpret crafted values as formulas or macros when the file is opened. (CVE-2026-41073) It was discovered that Request Tracker did not properly validate input incorporated into database queries via the entry_aggregator parameter in JSON search. An authenticated user could possibly use this issue to perform SQL injection attacks and read or modify data in the RT database. (CVE-2026-41075) It was discovered that Request Tracker contained an authentication bypass when configured to authenticate users against an LDAP or Active Directory server. Under certain LDAP server configurations, a remote attacker could possibly use this issue to authenticate as any LDAP-backed RT user without supplying valid credentials. (CVE-2026-41076) It was discovered that Request Tracker served certain uploaded content inline rather than as an attachment. A remote attacker could possibly use this issue to conduct a cross-site scripting attack. (CVE-2026-44229) It was discovered that Request Tracker did not properly sanitize input on search-results chart pages. A remote attacker could possibly use this issue to conduct a reflected cross-site scripting attack. (CVE-2026-44230) Jeroen Gui discovered that Request Tracker did not properly restrict access to the REST 2.0 user collection endpoint. A privileged user could possibly use this issue to obtain authentication credentials belonging to other users, including administrators, resulting in privilege escalation and information disclosure. (CVE-2026-44231)

Continue reading...
 


Follow Linux.org

Members online


Top