CVE-2015-1464

Name of the Vulnerable Software and Affected Versions RT (aka Request Tracker) versions prior to 4.0.23 RT (aka Request Tracker) versions 4.2.x prior to 4.2.10

Description The issue allows remote attackers to hijack sessions via an RSS feed URL.

Recommendations For versions prior to 4.0.23, update to version 4.0.23 or later. For versions 4.2.x prior to 4.2.10, update to version 4.2.10 or later.