Published: 17/12/2005 Updated: 20/07/2017

CVSS v2 Base Score: 4.3 | Impact Score: 2.9 | Exploitability Score: 8.6

VMScore: 383

Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N

Cross-site scripting (XSS) vulnerability in Edgewall Trac 0.9, 0.9.1, and 0.9.2 allows remote malicious users to inject arbitrary web script or HTML via the URL, which is not properly sanitized before it is returned in an error page.

Vulnerable Product	Search on Vulmon	Subscribe to Product
edgewall software trac 0.9.2
edgewall software trac 0.9
edgewall software trac 0.9.1

Debian Bug report logs - #344006 CVE-2005-4305: XSS vulnerability Package: trac; Maintainer for trac is Python Applications Packaging Team <python-apps-team@listsaliothdebianorg>; Source for trac is src:trac (PTS, buildd, popcon) Reported by: Moritz Muehlenhoff <jmm@inutilorg> Date: Mon, 19 Dec 2005 12:18:02 UTC ...

NVD-CWE-Other http://secunia.com/advisories/18048 http://securitytracker.com/id?1015363 http://www.gentoo.org/security/en/glsa/glsa-200601-12.xml http://secunia.com/advisories/18625 http://projects.edgewall.com/trac/wiki/ChangeLog http://www.securityfocus.com/bid/16386 http://www.vupen.com/english/advisories/2005/2936 https://exchange.xforce.ibmcloud.com/vulnerabilities/23775 https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=344006 https://nvd.nist.gov

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2005-4305

Vulnerability Summary

Vendor Advisories

References

Vulmon Search

About

Products

Connect