Debian Linux Security Advisory 1944-1 – Mikal Gule discovered that request-tracker, an extensible trouble-ticket tracking system, is prone to an attack, where an attacker with access to the same domain can hijack a user’s RT session.
You can download this advisory from the following link: https://packetstormsecurity.com/files/download/83391/dsa-1944-1.txt
Source: https://packetstormsecurity.com/files/83391/Debian-Linux-Security-Advisory-1944-1.html