Trac 0.11.6 does not properly check workflow permissions before modifying a ticket. This can be exploited by an malicious user to change the status and resolution of tickets without having proper permissions.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
edgewall trac 0.11.6 |
||
debian debian linux 8.0 |
||
debian debian linux 9.0 |
||
debian debian linux 10.0 |