3 matches found
[SECURITY] [DSA 951-2] New trac packages fix SQL injection and cross-site scripting
-------------------------------------------------------------------------- Debian Security Advisory DSA 951-2 [email protected] http://www.debian.org/security/ Martin Schulze January 30th, 2006 http://www.debian.org/security/faq -...
[SECURITY] [DSA 951-1] New trac packages fix SQL injection and cross-site scripting
-------------------------------------------------------------------------- Debian Security Advisory DSA 951-1 [email protected] http://www.debian.org/security/ Martin Schulze January 23rd, 2006 http://www.debian.org/security/faq -...
CVE-2005-4644
CVE-2005-4644 is a cross-site scripting (XSS) vulnerability in the HTML WikiProcessor of Edgewall Trac 0.9.2. It allows remote attackers to inject arbitrary script/HTML via the SRC attribute of an IMG tag. The connected Debian OpenVAS/DSA entries note fixes in Trac upgrades: trac 0.8.1-3sarge4 (s...