CVE-2015-1165
RT (aka Request Tracker) 3.8.8 through 4.x before 4.0.23 and 4.2.x before 4.2.10 allows remote attackers to obtain sensitive RSS feed URLs and ticket data via unspecified vectors.
Date published : 2015-03-09
http://blog.bestpractical.com/2015/02/security-vulnerabilities-in-rt.html