A vulnerability has been discovered in RT which may make it prone to HTML injection attacks. The vulnerability exists due to insufficient sanitization of user-supplied values. Specifically, the content included in message bodies is not properly sanitized of malicious HTML code. This issue may be exploited to steal cookie-based authentication credentials from legitimate users of the website running the vulnerable software. Other attacks may also be possible.
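As an added illustration (written here in Python, not RT's own code), the sketch below contrasts the flawed pattern described above, where a message body is placed into a page verbatim, with output encoding of the same body, and adds an HttpOnly session cookie as defence in depth against the cookie theft the advisory mentions. The function names, the `session` cookie name and the sample body are assumptions constructed for the example.

```python
import html
from http.cookies import SimpleCookie

# Constructed sample: a message body that contains markup.
SAMPLE_BODY = "Printer is down.\n<script>/* constructed test marker */</script>"


def render_body_unsafe(body: str) -> str:
    """The flawed pattern: user-supplied text reaches the page verbatim."""
    return '<div class="message-body">' + body + "</div>"


def render_body_safe(body: str) -> str:
    """Encode HTML metacharacters so the browser displays markup as text."""
    escaped = html.escape(body, quote=True)
    # Convert newlines only after escaping, so <br> is the sole tag emitted.
    return '<div class="message-body">' + escaped.replace("\n", "<br>") + "</div>"


def session_cookie_header(session_id: str) -> str:
    """Defence in depth: HttpOnly keeps the session cookie out of reach of
    page scripts, Secure restricts it to HTTPS."""
    cookie = SimpleCookie()
    cookie["session"] = session_id  # hypothetical cookie name
    cookie["session"]["httponly"] = True
    cookie["session"]["secure"] = True
    cookie["session"]["path"] = "/"
    return cookie["session"].OutputString()


if __name__ == "__main__":
    print("unsafe:", render_body_unsafe(SAMPLE_BODY))
    print("safe:  ", render_body_safe(SAMPLE_BODY))
    print("Set-Cookie:", session_cookie_header("abc123"))
```

Encoding at output time is the primary fix; the cookie flags only limit what an injected script could reach if encoding is missed somewhere.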