request-tracker4 vulnerabilities

Direct Vulnerabilities

Known vulnerabilities in the request-tracker4 package. This does not include vulnerabilities belonging to this package’s dependencies.

Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.

Vulnerability	Vulnerable Version
M Cross-site Scripting (XSS)	<4.2.8-3+deb8u2
H Improper Input Validation	<4.2.8-3+deb8u2
M CVE-2017-5361	<4.2.8-3+deb8u2
H Cross-site Request Forgery (CSRF)	<4.2.8-3+deb8u2
M Cross-site Scripting (XSS)	<4.2.8-3+deb8u1
M Cross-site Scripting (XSS)	<4.2.8-3+deb8u1
M Improper Access Control	<4.2.8-3
M Resource Management Errors	<4.2.8-3
M Information Exposure	<4.2.8-3
M Cross-site Scripting (XSS)	<4.0.12-2
M Arbitrary Code Injection	<4.0.12-2
M Credentials Management	<4.0.12-2
M CVE-2013-3374	<4.0.12-2
M Cross-site Scripting (XSS)	<4.0.12-2
M Access Restriction Bypass	<4.0.12-2
L Cross-site Scripting (XSS)	<4.0.12-2
M CVE-2013-3369	<4.0.12-2
M Link Following	<4.0.12-2
M Cryptographic Issues	<4.0.7-2
M Cryptographic Issues	<4.0.7-2
M Access Restriction Bypass	<4.0.7-2
M Cryptographic Issues	<4.0.7-2
L Access Restriction Bypass	<4.0.7-2
M Arbitrary Code Injection	<4.0.7-2
M Access Restriction Bypass	<4.0.7-2
M Access Restriction Bypass	<4.0.7-2
M Cross-site Request Forgery (CSRF)	<4.0.7-2
M Cross-site Scripting (XSS)	<4.0.6-1
M Cross-site Scripting (XSS)	<4.0.6-1
M Credentials Management	<4.0.5-3
M SQL Injection	<4.0.5-3
M Cross-site Request Forgery (CSRF)	<4.0.5-3
M Information Exposure	<4.0.5-3
L Access Restriction Bypass	<4.0.5-3
M Arbitrary Code Injection	<4.0.5-3
M Cross-site Scripting (XSS)	<4.0.5-3