icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons_061

RT: Request Tracker Session Fixation Vulnerability

Medium

Synopsis

The remote host is running a web application that is affected by a session fixation vulnerability.

Description

The remote host is running RT: Request Tracker, an enterprise-grade ticketing system. The version detected is affected by a session fixation vulnerability. An attacker, exploiting this flaw, could gain unauthorized access to the application.

Solution

Upgrade to RT 3.8.6, 3.6.10, or later.