CVE-2011-2084
Best Practical Solutions RT 3.x before 3.8.12 and 4.x before 4.0.6 allows remote authenticated users to read (1) hashes of former passwords and (2) ticket correspondence history by leveraging access to a privileged account.
Date published : 2012-06-04
http://www.securityfocus.com/bid/53660
http://lists.bestpractical.com/pipermail/rt-announce/2012-May/000203.html