Trac Security Vulnerabilities and Issues — Trac CVE List

Lucene search

Edgewall SoftwareTrac

5 matches found

CVE•added 2008/07/27 10:41 p.m.•49 views

CVE-2008-3328

Cross-site scripting (XSS) vulnerability in the wiki engine in Trac before 0.10.5 allows remote attackers to inject arbitrary web script or HTML via unknown vectors.

4.3CVSS5.9AI score0.00504EPSS

CVE•added 2006/01/11 9:0 p.m.•47 views

CVE-2005-4644

Cross-site scripting (XSS) vulnerability in the HTML WikiProcessor in Edgewall Trac 0.9.2 allows remote attackers to inject arbitrary web script or HTML via javascript in the SRC attribute of an IMG tag.

4.3CVSS5.4AI score0.00658EPSS

CVE•added 2007/03/10 10:19 p.m.•44 views

CVE-2007-1405

Cross-site scripting (XSS) vulnerability in the "download wiki page as text" feature in Trac before 0.10.3.1, when Microsoft Internet Explorer is used, allows remote attackers to inject arbitrary web script or HTML via unspecified parameters.

4.3CVSS5.5AI score0.00351EPSS

CVE•added 2005/12/17 12:3 a.m.•40 views

CVE-2005-4305

Cross-site scripting (XSS) vulnerability in Edgewall Trac 0.9, 0.9.1, and 0.9.2 allows remote attackers to inject arbitrary web script or HTML via the URL, which is not properly sanitized before it is returned in an error page.

4.3CVSS5.5AI score0.00558EPSS

CVE•added 2006/04/29 10:2 a.m.•34 views

CVE-2006-2106

Cross-site scripting (XSS) vulnerability in Edgewall Software Trac 0.9.4 and earlier allows remote attackers to inject arbitrary web script or HTML via unknown attack vectors related to a "wiki macro."

4.3CVSS5.5AI score0.00527EPSS