All versions of RT are vulnerable to an email header injection
	    attack. Users with ModifySelf or AdminUser can cause RT to add
	    arbitrary headers or content to outgoing mail. Depending on the
	    scrips that are configured, this may be leveraged for information
	    leakage or phishing.
	  RT 4.0.0 and above and RTFM 2.0.0 and above contain a vulnerability
	    due to lack of proper rights checking, allowing any privileged user
	    to create Articles in any class.
	  All versions of RT with cross-site request forgery (CSRF)
	    protection (RT 3.8.12 and above, RT 4.0.6 and above, and any
	    instances running the security patches released 2012-05-22) contain
	    a vulnerability which incorrectly allows through CSRF requests which
	    toggle ticket bookmarks.
	  All versions of RT are vulnerable to a confused deputy attack on
	    the user. While not strictly a CSRF attack, users who are not logged
	    in who are tricked into following a malicious link may, after
	    supplying their credentials, be subject to an attack which leverages
	    their credentials to modify arbitrary state. While users who were
	    logged in would have observed the CSRF protection page, users who
	    were not logged in receive no such warning due to the intervening
	    login process. RT has been extended to notify users of pending
	    actions during the login process.
	  RT 3.8.0 and above are susceptible to a number of vulnerabilities
	    concerning improper signing or encryption of messages using GnuPG;
	    if GnuPG is not enabled, none of the following affect you.