The dashboard subscription interface in Request Tracker (RT) 4.x before 4.0.25, 4.2.x before 4.2.14, and 4.4.x before 4.4.2 might allow remote authenticated users with certain privileges to execute arbitrary code via a crafted saved search name.
Metrics
Affected Vendors & Products
Fixes
Solution
No solution given by the vendor.
Workaround
No workaround given by the vendor.
References
History
No history.

Status: PUBLISHED
Assigner: mitre
Published:
Updated: 2024-08-05T15:18:49.038Z
Reserved: 2017-02-09T00:00:00
Link: CVE-2017-5944

No data.

Status : Deferred
Published: 2017-07-03T16:29:00.543
Modified: 2025-04-20T01:37:25.860
Link: CVE-2017-5944

No data.

No data.