[request-tracker-maintainers] Bug#546829: request-tracker3.8: XSS vulnerability when displaying Custom Field values
Dominic Hargreaves
dom at earth.li
Tue Sep 15 22:58:58 UTC 2009
Package: request-tracker3.8
Version: 3.8.4-1
Severity: important
Tags: patch security
According to
http://lists.bestpractical.com/pipermail/rt-announce/2009-September/000172.html
RT 3.8 contains a security problem which affects configurations
populating Custom Fields using untrusted data. A patch is provided.
More information about the pkg-request-tracker-maintainers
mailing list