{"id":"CVE-2015-1464","details":"RT (aka Request Tracker) before 4.0.23 and 4.2.x before 4.2.10 allows remote attackers to hijack sessions via an RSS feed URL.","modified":"2026-04-16T06:25:54.385381607Z","published":"2015-03-09T14:59:06Z","references":[{"type":"ADVISORY","url":"http://blog.bestpractical.com/2015/02/security-vulnerabilities-in-rt.html"},{"type":"ADVISORY","url":"http://www.debian.org/security/2015/dsa-3176"},{"type":"WEB","url":"http://lists.fedoraproject.org/pipermail/package-announce/2015-April/154213.html"},{"type":"WEB","url":"http://lists.fedoraproject.org/pipermail/package-announce/2015-March/154047.html"}],"schema_version":"1.7.5"}