Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Trac
(Edgewall)| Repositories |
Unknown: This might be proprietary software. |
| #Vulnerabilities | 3 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2008-07-27 | CVE-2008-2951 | Open redirect vulnerability in the search script in Trac before 0.10.5 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the q parameter, possibly related to the quickjump function. | Trac, Fedora | 6.1 | ||
| 2019-11-13 | CVE-2010-5108 | Trac 0.11.6 does not properly check workflow permissions before modifying a ticket. This can be exploited by an attacker to change the status and resolution of tickets without having proper permissions. | Debian_linux, Trac | N/A | ||
| 2009-12-23 | CVE-2009-4405 | Multiple unspecified vulnerabilities in Trac before 0.11.6 have unknown impact and attack vectors, possibly related to (1) "policy checks in report results when using alternate formats" or (2) a "check for the 'raw' role that is missing in docutils < 0.6." | Trac | N/A |