CVE-2017-5944

Published: 2017-07-03T16:29Z

Last Modified: 2024-11-21T03:28Z

Source: MITRE CVE List

License: MITRE-CVE-TOS

The dashboard subscription interface in Request Tracker (RT) 4.x before 4.0.25, 4.2.x before 4.2.14, and 4.4.x before 4.4.2 might allow remote authenticated users with certain privileges to execute arbitrary code via a crafted saved search name. > MITRE Terms of Use apply – see LICENSE‑MITRE.txt