CVE-2026-6841 | Best Practical Request Tracker up to 5.0.9/6.0.2 GET Request Page cross site scripting

Inserito da Angelo Barbosa | Mag 21, 2026 | CVE

A vulnerability categorized as problematic has been discovered in Best Practical Request Tracker up to 5.0.9/6.0.2. This vulnerability affects unknown code of the component GET Request Handler. The manipulation of the argument Page results in cross site scripting.

This vulnerability is identified as CVE-2026-6841. The attack can be executed remotely. There is not any exploit available.

It is advisable to upgrade the affected component.

CVE-2026-6841 | Best Practical Request Tracker up to 5.0.9/6.0.2 GET Request Page cross site scripting

Post correlati

CVE-2025-8228 | yanyutao0402 ChanCMS up to 3.1.2 /cms/collect/getPages targetUrl server-side request forgery (ICLP28)

CVE-2025-0318 | Ultimate Member Plugin up to 2.9.1 on WordPress information disclosure

CVE-2024-40830 | Apple iOS/iPadOS up to 17.7 information disclosure

CVE-2025-9709 | Nordic Semiconductor nRF52810 on-chip debug and test interface with improper access control