Cross-site scripting (XSS) vulnerability in the wiki engine in Trac before 0.10.5 allows remote attackers to inject arbitrary web script or HTML via unknown vectors.
2008-07-27T22:41:00.000
2025-04-09T00:30:58.490
Deferred
CVSSv2: 4.3 (MEDIUM)
AV:N/AC:M/Au:N/C:N/I:P/A:N
8.6
2.9
| Type | Vendor | Product | Version/Range | Vulnerable? |
|---|---|---|---|---|
| Application | edgewall_software | trac | ≤ 0.10.4 | Yes |
| Application | edgewall_software | trac | 0.5 | Yes |
| Application | edgewall_software | trac | 0.5.1 | Yes |
| Application | edgewall_software | trac | 0.5.2 | Yes |
| Application | edgewall_software | trac | 0.6 | Yes |
| Application | edgewall_software | trac | 0.6.1 | Yes |
| Application | edgewall_software | trac | 0.7 | Yes |
| Application | edgewall_software | trac | 0.7.1 | Yes |
| Application | edgewall_software | trac | 0.8 | Yes |
| Application | edgewall_software | trac | 0.8.1 | Yes |
| Application | edgewall_software | trac | 0.8.2 | Yes |
| Application | edgewall_software | trac | 0.8.3 | Yes |
| Application | edgewall_software | trac | 0.8.4 | Yes |
| Application | edgewall_software | trac | 0.9 | Yes |
| Application | edgewall_software | trac | 0.9.1 | Yes |
| Application | edgewall_software | trac | 0.9.2 | Yes |
| Application | edgewall_software | trac | 0.9.3 | Yes |
| Application | edgewall_software | trac | 0.9.4 | Yes |
| Application | edgewall_software | trac | 0.9.5 | Yes |
| Application | edgewall_software | trac | 0.9.6 | Yes |
| Application | edgewall_software | trac | 0.9b1 | Yes |
| Application | edgewall_software | trac | 0.9b2 | Yes |
| Application | edgewall_software | trac | 0.10 | Yes |
| Application | edgewall_software | trac | 0.10.1 | Yes |
| Application | edgewall_software | trac | 0.10.2 | Yes |
| Application | edgewall_software | trac | 0.10.3 | Yes |
| Application | edgewall_software | trac | 0.10.3.1 | Yes |
| Application | edgewall_software | trac | 0.50.9 | Yes |