CVE-2017-5943 in Ubuntu

CVE-2017-5943

Priority

Description

Request Tracker (RT) 4.x before 4.0.25, 4.2.x before 4.2.14, and 4.4.x
before 4.4.2 allows remote attackers to obtain sensitive information about
cross-site request forgery (CSRF) verification tokens via a crafted URL.

References

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5943

Notes

Package

Source: request-tracker4 (LP Ubuntu Debian)

Upstream:	released (4.4.1-4)
Ubuntu 18.04 LTS:	not-affected (4.4.1-4)
Ubuntu 20.04 LTS:	not-affected (4.4.1-4)
Ubuntu 21.10:	not-affected (4.4.1-4)
Ubuntu 22.04 LTS:	not-affected (4.4.1-4)
Ubuntu 14.04 ESM:	DNE (trusty was needed)

Patches:

More Information

Mitre
NVD
Launchpad
Debian

Updated: 2022-04-25 00:21:48 UTC (commit ecc1009cb19540b950de59270950018900f37f15)