Trac prior to 0.10.3.1 does not send a Content-Disposition HTTP header specifying an attachment in certain "unsafe" situations, which has unknown impact and remote attack vectors.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
edgewall software trac 0.10.2 |
||
edgewall software trac 0.10 |
||
edgewall software trac 0.10.1 |
||
edgewall software trac 0.10.3 |