A vulnerability categorized as problematic has been discovered in Best Practical Request Tracker up to 5.0.9/6.0.2 . This vulnerability affects unknown code of the component GET Request Handler . The manipulation of the argument Page results in cross site scripting. This vulnerability is identified as CVE-2026-6841 . The attack can be executed remotely. There is not any exploit available. It is advisable to upgrade the affected component.