359 matches found
CVE-2006-2106
Cross-site scripting XSS vulnerability in Edgewall Software Trac 0.9.4 and earlier allows remote attackers to inject arbitrary web script or HTML via unknown attack vectors related to a "wiki macro."...
Cross site scripting
Cross-site scripting XSS vulnerability in Edgewall Software Trac 0.9.4 and earlier allows remote attackers to inject arbitrary web script or HTML via unknown attack vectors related to a "wiki macro."...
CVE-2006-2106
Cross-site scripting XSS vulnerability in Edgewall Software Trac 0.9.4 and earlier allows remote attackers to inject arbitrary web script or HTML via unknown attack vectors related to a "wiki macro."...
DEBIAN-CVE-2006-2106
Cross-site scripting XSS vulnerability in Edgewall Software Trac 0.9.4 and earlier allows remote attackers to inject arbitrary web script or HTML via unknown attack vectors related to a "wiki macro."...
CVE-2006-2106
Trac 0.9.4 and earlier contain a cross-site scripting (XSS) vulnerability in the wiki macro, allowing a remote attacker to inject arbitrary script/HTML in the browser. Upgrade to Trac 0.9.5 per Edgewall’s advisory/blog referenced in the sources to mitigate.
CVE-2006-2106
Cross-site scripting XSS vulnerability in Edgewall Software Trac 0.9.4 and earlier allows remote attackers to inject arbitrary web script or HTML via unknown attack vectors related to a "wiki macro."...
CVE-2006-2106
Cross-site scripting XSS vulnerability in Edgewall Software Trac 0.9.4 and earlier allows remote attackers to inject arbitrary web script or HTML via unknown attack vectors related to a "wiki macro."...
[SA19870] Trac Wiki Macro Script Insertion Vulnerability
TITLE: Trac Wiki Macro Script Insertion Vulnerability SECUNIA ADVISORY ID: SA19870 VERIFY ADVISORY: http://secunia.com/advisories/19870/ CRITICAL: Moderately critical IMPACT: Cross Site Scripting WHERE: From remote SOFTWARE: Trac 0.x http://secunia.com/product/5260/ DESCRIPTION: A vulnerability h...
trac -- Wiki Macro Script Insertion Vulnerability
Secunia reports: A vulnerability has been reported, which can be exploited by malicious people to conduct script insertion attacks. Input passed using the wiki macro isn't properly sanitised before being used. This can be exploited to inject arbitrary HTML and script code, which will be executed ...
JVN#84091359 Trac cross-site scripting vulnerability
Impact A remote attacker could possibly execute an arbitrary script on the user's web browser. Solution Products Affected Trac 0.94 and earlier versions of 0.9 series Trac-ja 0.94 and earlier versions of 0.9 series...
Edgewall Software Trac SQL injection flaw
The remote web server contains a CGI script that is affected by a SQL injection flaw. Description: The remote host is running Trac, an enhanced wiki and issue tracking system for software development projects written in python. The remote version of this software is prone to a SQL injection flaw...
Edgewall Software Trac SQL injection flaw
The remote version of Trac is prone to a SQL injection flaw through the ticket query module due to SPDX-FileCopyrightText: 2005 David Maciejak Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier:...
[SECURITY] [DSA 951-2] New trac packages fix SQL injection and cross-site scripting
-------------------------------------------------------------------------- Debian Security Advisory DSA 951-2 [email protected] http://www.debian.org/security/ Martin Schulze January 30th, 2006 http://www.debian.org/security/faq -...
[SECURITY] [DSA 951-2] New trac packages fix SQL injection and cross-site scripting
-------------------------------------------------------------------------- Debian Security Advisory DSA 951-2 [email protected] http://www.debian.org/security/ Martin Schulze January 30th, 2006 http://www.debian.org/security/faq -...
GLSA-200601-12 : Trac: XSS vulnerability
The remote host is affected by the vulnerability described in GLSA-200601-12 Trac: XSS vulnerability Christophe Truc discovered that Trac fails to properly sanitize input passed in the URL. Impact : A remote attacker could exploit this to inject and execute malicious script code or to steal...
Trac: Cross-site scripting vulnerability
Background Trac is a minimalistic web-based project management, wiki and bug tracking system including a Subversion interface. Description Christophe Truc discovered that Trac fails to properly sanitize input passed in the URL. Impact A remote attacker could exploit this to inject and execute...
[SECURITY] [DSA 951-1] New trac packages fix SQL injection and cross-site scripting
-------------------------------------------------------------------------- Debian Security Advisory DSA 951-1 [email protected] http://www.debian.org/security/ Martin Schulze January 23rd, 2006 http://www.debian.org/security/faq -...
[SECURITY] [DSA 951-1] New trac packages fix SQL injection and cross-site scripting
-------------------------------------------------------------------------- Debian Security Advisory DSA 951-1 [email protected] http://www.debian.org/security/ Martin Schulze January 23rd, 2006 http://www.debian.org/security/faq -...
DSA-951-2 trac - missing input sanitising
Bulletin has no description...
[SA18465] Trac HTML WikiProcessor Script Insertion Vulnerability
TITLE: Trac HTML WikiProcessor Script Insertion Vulnerability SECUNIA ADVISORY ID: SA18465 VERIFY ADVISORY: http://secunia.com/advisories/18465/ CRITICAL: Moderately critical IMPACT: Cross Site Scripting WHERE: From remote SOFTWARE: Trac 0.x http://secunia.com/product/5260/ DESCRIPTION: A...