{"document":{"aggregate_severity":{"namespace":"https://www.suse.com/support/security/rating/","text":"important"},"category":"csaf_vex","csaf_version":"2.0","distribution":{"text":"Copyright 2024 SUSE LLC. All rights reserved.","tlp":{"label":"WHITE","url":"https://www.first.org/tlp/"}},"lang":"en","notes":[{"category":"summary","text":"SUSE CVE-2013-3525","title":"Title"},{"category":"description","text":"SQL injection vulnerability in Approvals/ in Request Tracker (RT) 4.0.10 and earlier allows remote attackers to execute arbitrary SQL commands via the ShowPending parameter.  NOTE: the vendor disputes this issue, stating \"We were unable to replicate it, and the individual that reported it retracted their report,\" and \"we had verified that the claimed exploit did not function according to the author's claims.","title":"Description of the CVE"},{"category":"legal_disclaimer","text":"CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).","title":"Terms of use"}],"publisher":{"category":"vendor","contact_details":"https://www.suse.com/support/security/contact/","name":"SUSE Product Security Team","namespace":"https://www.suse.com/"},"references":[{"category":"external","summary":"CVE-2013-3525","url":"https://www.suse.com/security/cve/CVE-2013-3525"},{"category":"external","summary":"SUSE Security Ratings","url":"https://www.suse.com/support/security/rating/"}],"title":"SUSE CVE CVE-2013-3525","tracking":{"current_release_date":"2025-07-08T00:27:24Z","generator":{"date":"2023-02-15T05:37:28Z","engine":{"name":"cve-database.git:bin/generate-csaf-vex.pl","version":"1"}},"id":"CVE-2013-3525","initial_release_date":"2023-02-15T05:37:28Z","revision_history":[{"date":"2023-02-15T05:37:28Z","number":"2","summary":"Current version"},{"date":"2025-07-08T00:27:24Z","number":"3","summary":"Current version"}],"status":"interim","version":"3"}}}