Vulnerability Description
Request Tracker (RT) 3.8.x before 3.8.15 and 4.0.x before 4.0.8 allows remote authenticated users with ModifySelf or AdminUser privileges to inject arbitrary email headers and conduct phishing attacks or obtain sensitive information via unknown vectors.
CVSS Score
LOW
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Bestpractical | Rt | 3.8.0 |
Related Weaknesses (CWE)
References
- http://lists.bestpractical.com/pipermail/rt-announce/2012-October/000212.html
- http://lists.bestpractical.com/pipermail/rt-announce/2012-October/000212.html
FAQ
What is CVE-2012-4730?
CVE-2012-4730 is a vulnerability with a CVSS score of 3.5 (LOW). Request Tracker (RT) 3.8.x before 3.8.15 and 4.0.x before 4.0.8 allows remote authenticated users with ModifySelf or AdminUser privileges to inject arbitrary email headers and conduct phishing attacks...
How severe is CVE-2012-4730?
CVE-2012-4730 has been rated LOW with a CVSS base score of 3.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2012-4730?
Check the references section above for vendor advisories and patch information. Affected products include: Bestpractical Rt.