FreeBSD : RT -- two XSS vulnerabilities (83b38a2c-413e-11e5-bfcf-6805ca0b3d42)
Medium Nessus Plugin ID 85368
SynopsisThe remote FreeBSD host is missing one or more security-related updates.
DescriptionBest Practical reports :
RT 4.0.0 and above are vulnerable to a cross-site scripting (XSS) attack via the user and group rights management pages. This vulnerability is assigned CVE-2015-5475. It was discovered and reported by Marcin Kopec at Data Reliance Shared Service Center.
SolutionUpdate the affected packages.