5.5 Medium
AI Score
Confidence
High
4.3 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
0.003 Low
EPSS
Percentile
68.5%
Cross-site scripting (XSS) vulnerability in the wiki engine in Trac before 0.10.5 allows remote attackers to inject arbitrary web script or HTML via unknown vectors.
secunia.com/advisories/31231
secunia.com/advisories/31314
trac.edgewall.org/wiki/ChangeLog
www.securityfocus.com/bid/30400
www.vupen.com/english/advisories/2008/2223/references
exchange.xforce.ibmcloud.com/vulnerabilities/44016
www.redhat.com/archives/fedora-package-announce/2008-July/msg01261.html
www.redhat.com/archives/fedora-package-announce/2008-July/msg01270.html