Trac

trac

Vendor: Edgewall • 3 CVEs

CVEs (3)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2010-5108 2Debian Edgewall 2Debian Linux Trac Nov 21, 2024 Nov 13, 2019 N/A· v4 7.5 HIGH· v3 5.0 MEDIUM· v2 Trac 0.11.6 does not properly check workflow permissions before modifying a ticket. This can be exploited by an attacker to change the status and resolution of tickets without having proper permissions.
CVE-2009-4405 1Edgewall 1Trac Apr 23, 2026 Dec 23, 2009 N/A· v4 N/A· v3 7.5 HIGH· v2 Multiple unspecified vulnerabilities in Trac before 0.11.6 have unknown impact and attack vectors, possibly related to (1) "policy checks in report results when using alternate formats" or (2) a "check for the 'raw' role...Show more Multiple unspecified vulnerabilities in Trac before 0.11.6 have unknown impact and attack vectors, possibly related to (1) "policy checks in report results when using alternate formats" or (2) a "check for the 'raw' role that is missing in docutils < 0.6."Show less
CVE-2008-2951 2Edgewall Fedoraproject 2Fedora Trac Apr 23, 2026 Jul 27, 2008 N/A· v4 6.1 MEDIUM· v3 5.8 MEDIUM· v2 Open redirect vulnerability in the search script in Trac before 0.10.5 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the q parameter, possibly related to the q...Show more Open redirect vulnerability in the search script in Trac before 0.10.5 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the q parameter, possibly related to the quickjump function.Show less