CVE-2026-6841
UNKNOWN
NVD
CVSS Score
0
Severity
UNKNOWN
Published
May 21, 2026
Vendor
unknown
Description
Request Tracker is vulnerable to a reflected cross-site scripting (XSS) vulnerability via the "Page" parameter in GET requests. An attacker can craft a URL that, when opened, results in arbitrary JavaScript execution in the victimβs browser. This vulnerability affects versions from 5.0.4 up to 5.0.9 and from 6.0.0 up toΒ 6.0.2.