Christian Loos

**Name of the Vulnerable Software and Affected Versions** RT (aka Request Tracker) versions 3.8.8 through 4.0.22 RT (aka Request Tracker) versions 4.2.x before 4.2.10 **Description** The issue allows remote attackers to obtain sensitive RSS feed URLs and ticket data. **Recommendations** For RT (aka Request Tracker) versions 3.8.8 through 4.0.22, update to version 4.0.23 or later. For RT (aka Request Tracker) versions 4.2.x before 4.2.10, update to version 4.2.10 or later.