Cross-site scripting (XSS) vulnerability in the HTML WikiProcessor in Edgewall Trac 0.9.2 allows remote attackers to inject arbitrary web script or HTML via javascript in the SRC attribute of an IMG tag.
Metrics
Affected Vendors & Products
Advisories
Source | ID | Title |
---|---|---|
![]() |
DSA-951-1 | New trac packages fix SQL injection and cross-site scripting |
![]() |
DSA-951-2 | New trac packages fix SQL injection and cross-site scripting |
![]() |
EUVD-2005-0001 | Cross-site scripting (XSS) vulnerability in the HTML WikiProcessor in Edgewall Trac 0.9.2 allows remote attackers to inject arbitrary web script or HTML via javascript in the SRC attribute of an IMG tag. |
![]() |
GHSA-6vhp-hp77-6w52 | Trac HTML WikiProcessor cross-site scripting (XSS) vulnerability |
Fixes
Solution
No solution given by the vendor.
Workaround
No workaround given by the vendor.
References
History
No history.

Status: PUBLISHED
Assigner: mitre
Published:
Updated: 2024-08-07T23:53:28.548Z
Reserved: 2006-01-11T00:00:00
Link: CVE-2005-4644

No data.

Status : Deferred
Published: 2005-12-31T05:00:00.000
Modified: 2025-04-03T01:03:51.193
Link: CVE-2005-4644

No data.

No data.