Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2025-30087

Best Practical RT (Request Tracker) 4.4 through 4.4.7 and 5.0 through 5.0.7 allows XSS via injection of crafted parameters in a search URL.

Published

2025-05-28T18:15:26.540

Last Modified

2025-06-09T18:58:37.370

Status

Analyzed

Source

[email protected]

Severity

CVSSv3.1: 7.2 (HIGH)

Weaknesses
  • Type: Primary
    CWE-79
Affected Vendors & Products
Type Vendor Product Version/Range Vulnerable?
Application bestpractical request_tracker < 4.4.8 Yes
Application bestpractical request_tracker < 5.0.8 Yes
References