trac -- cross site scripting vulnerability

ID E546C7CE-CE46-11DB-BC24-0016179B2DD5
Type freebsd
Reporter FreeBSD
Modified 2007-03-09T00:00:00


Secunia reports:

The vulnerability is caused due to an error within the "download wiki page as text" function, which can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site. Successful exploitation may require that the victim uses IE.