CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Bestpractical: >> Request Tracker >> 6.0.2 Security Vulnerabilities

CVE-2026-6841

Request Tracker is vulnerable to a reflected cross-site scripting (XSS) vulnerability via the "Page" parameter in GET requests. An attacker can craft a URL that, when opened, results in arbitrary JavaScript execution in the victim’s browser. This vulnerability affects versions from 5.0.4 up to 5.0.9 and from 6.0.0 up to 6.0.2.

CVSS Score

5.1

EPSS Score

0.0

Published

2026-05-21

Page 1

Vulnerabilities

Vulnerable Software

Bestpractical: >> Request Tracker >> 6.0.2 Security Vulnerabilities

Products

Pricing

Contact Us