Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2008-3328

Overview

Vulnerability Score 4.3 4.3
CVE Id CVE-2008-3328
Last Modified 07 Mar 2011 10:10:36
Published 27 Jul 2008 06:41:00
Confidentiality Impact NONE NONE
Integrity Impact PARTIAL PARTIAL
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE

CVE-2008-3328

Summary

Cross-site scripting (XSS) vulnerability in the wiki engine in Trac before 0.10.5 allows remote attackers to inject arbitrary web script or HTML via unknown vectors.

Vulnerable Systems

Application

  • Edgewall Software Trac 0.10

  • Edgewall Software Trac 0.10.1

  • Edgewall Software Trac 0.10.2

  • Edgewall Software Trac 0.10.3

  • Edgewall Software Trac 0.10.3.1

  • Edgewall Software Trac 0.10.4

  • Edgewall Software Trac 0.5

  • Edgewall Software Trac 0.5.1

  • Edgewall Software Trac 0.5.2

  • Edgewall Software Trac 0.50.9

  • Edgewall Software Trac 0.6

  • Edgewall Software Trac 0.6.1

  • Edgewall Software Trac 0.7

  • Edgewall Software Trac 0.7.1

  • Edgewall Software Trac 0.8

  • Edgewall Software Trac 0.8.1

  • Edgewall Software Trac 0.8.2

  • Edgewall Software Trac 0.8.3

  • Edgewall Software Trac 0.8.4

  • Edgewall Software Trac 0.9

  • Edgewall Software Trac 0.9.1

  • Edgewall Software Trac 0.9.2

  • Edgewall Software Trac 0.9.3

  • Edgewall Software Trac 0.9.4

  • Edgewall Software Trac 0.9.5

  • Edgewall Software Trac 0.9.6

  • Edgewall Software Trac 0.9b1

  • Edgewall Software Trac 0.9b2


References

FEDORA - FEDORA-2008-6833

FEDORA - FEDORA-2008-6830

XF - trac-wikiengine-xss(44016)

VUPEN - ADV-2008-2223

BID - 30400

CONFIRM - http://trac.edgewall.org/wiki/ChangeLog

SECUNIA - 31314

SECUNIA - 31231


Last Updated: 27 May 2016 10:48:10