TROYANOSYVIRUS
Voltar para CVEs

CVE-2025-61873

LOW
2.6

Descricao

Best Practical Request Tracker (RT) before 4.4.9, 5.0.9, and 6.0.2 allows CSV Injection via ticket values when TSV export is used.

Detalhes CVE

Pontuacao CVSS v3.12.6
SeveridadeLOW
Vetor CVSSCVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:C/C:N/I:L/A:N
Vetor de ataqueNETWORK
ComplexidadeHIGH
Privilegios necessariosHIGH
Interacao do usuarioREQUIRED
Publicado1/16/2026
Ultima modificacao1/26/2026
Fontenvd
Avistamentos honeypot0

Fraquezas (CWE)

CWE-1236

Referencias

https://docs.bestpractical.com/release-notes/rt/index.html(cve@mitre.org)

Correlacoes IOC

Sem correlacoes registradas

This product uses data from the NVD API but is not endorsed or certified by the NVD.