Published: 31/12/2005 Updated: 20/07/2017

CVSS v2 Base Score: 4.3 | Impact Score: 2.9 | Exploitability Score: 8.6

VMScore: 383

Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N

Cross-site scripting (XSS) vulnerability in the HTML WikiProcessor in Edgewall Trac 0.9.2 allows remote malicious users to inject arbitrary web script or HTML via javascript in the SRC attribute of an IMG tag.

Vulnerable Product	Search on Vulmon	Subscribe to Product
edgewall software trac 0.9.2

This update corrects the search feature in trac, an enhanced wiki and issue tracking system for software development projects, which broke with the last security update For completeness please find below the original advisory text: Several vulnerabilities have been discovered in trac, an enhanced wiki and issue tracking system for software develo ...

NVD-CWE-Other http://projects.edgewall.com/trac/ticket/2473 http://www.securityfocus.com/bid/16198 http://secunia.com/advisories/18465 http://www.debian.org/security/2006/dsa-951 http://secunia.com/advisories/18555 http://trac.edgewall.org/ticket/2473 http://www.vupen.com/english/advisories/2006/0226 https://exchange.xforce.ibmcloud.com/vulnerabilities/24183 https://nvd.nist.gov https://www.debian.org/security/./dsa-951

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2005-4644

Vulnerability Summary

Vendor Advisories

References

Vulmon Search

About

Products

Connect