PT-2026-42836 · Rt · Rt
Cbrandtbuffalo
·
Published
2026-05-22
·
Updated
2026-05-23
·
CVE-2026-41074
CVSS v3.1
7.1
High
| Vector | AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:L |
Name of the Vulnerable Software and Affected Versions
RT versions 6.0.0 through 6.0.2
Description
RT is an open source, enterprise-grade issue and ticket tracking system. A Cross-Site Request Forgery (CSRF) flaw allows an attacker to induce a logged-in user to visit a malicious web page, triggering arbitrary state-changing actions on behalf of that user. CSRF is a technique where a malicious site tricks a user's browser into performing an unwanted action on a different website where the user is authenticated.
Recommendations
Update to version 6.0.3.
Exploit
Fix
CSRF
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Rt