Facebook Google Plus Twitter LinkedIn YouTube RSS Menu Search Resource - BlogResource - WebinarResource - ReportResource - Eventicons_066 icons_067icons_068icons_069icons_070

Best Practical Request Tracker 'Custom Field' HTML Injection Vulnerability



The remote host is running a web application that is affected by a HTML-injection vulnerability.


The remote host is running Best Practical Solutions RT, an enterprise-grade ticketing system. The version detected is potentially affected by an HTML-injection vulnerability caused by the application failing to properly sanitize user-supplied input to 'Custom Field' values. Note that this issue only exists if the installation is using Custom Fields.


Upgrade to RT 3.6.9 / 3.8.5