CVE-2011-4460
EPSS 0.52%
Description
SQL injection vulnerability in Best Practical Solutions RT 2.x and 3.x before 3.8.12 and 4.x before 4.0.6 allows remote authenticated users to execute arbitrary SQL commands by leveraging access to a privileged account.
How to fix CVE-2011-4460
To remediate CVE-2011-4460, upgrade the affected package to a fixed version listed below.
- Debian/request-tracker4—upgrade to 4.0.5-3 or later
Is CVE-2011-4460 being exploited?
Low: the EPSS score is 0.5%. EPSS is an estimated probability of exploitation, not a record of observed attacks, and exploitation activity has not been observed at scale.
Affected packages (1)
- from 0, < 4.0.5-3