RT is an open source, enterprise-grade issue and ticket tracking system. Versions 6.0.0 through 6.0.2 contain a Cross-Site Request Forgery (CSRF) vulnerability. An attacker who can induce a logged-in RT user to visit a malicious web page can trigger arbitrary state-changing actions in RT on that user's behalf. This issue has been fixed in version 6.0.3.
4.2.11-24.2.12-34.2.12-44.2.12-54.4.3-24.4.3-2+deb10u3build0.20.04.14.4.4+dfsg-2ubuntu14.4.4+dfsg-2ubuntu1.22.04.14.4.4+dfsg-2ubuntu14.4.4+dfsg-2ubuntu24.4.7+dfsg-14.4.7+dfsg-4syncable15.0.7+dfsg-25.0.7+dfsg-35.0.7+dfsg-45.0.7+dfsg-45.0.7+dfsg-64.4.1-54.4.2-14.4.2-24.4.2-2ubuntu0.1~esm15.0.1+dfsg-1ubuntu15.0.1+dfsg-1ubuntu1+esm15.0.1+dfsg-1ubuntu15.0.5+dfsg-25.0.5+dfsg-2ubuntu0.1~esm1Exploitability
AV:NAC:LPR:NUI:RScope
S:UImpact
C:NI:HA:LCVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:L