Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2025-31501

Best Practical RT (Request Tracker) 5.0 through 5.0.7 allows XSS via JavaScript injection in an RT permalink.

2025-05-28T18:15:26.857

2025-06-09T18:59:03.730

Analyzed

CVSSv3.1: 7.2 (HIGH)

Type	Vendor	Product	Version/Range	Vulnerable?
Application	bestpractical	request_tracker	< 4.4.8	Yes
Application	bestpractical	request_tracker	< 5.0.8	Yes