CVE-2008-3328

NameCVE-2008-3328
DescriptionCross-site scripting (XSS) vulnerability in the wiki engine in Trac before 0.10.5 allows remote attackers to inject arbitrary web script or HTML via unknown vectors.
SourceCVE (at NVD; CERT, LWN, oss-sec, fulldisc, Red Hat, Ubuntu, Gentoo, SUSE bugzilla/CVE, GitHub advisories/code/issues, web search, more)

Vulnerable and fixed packages

The table below lists information on source packages.

Source PackageReleaseVersionStatus
trac (PTS)buster1.2.3+dfsg-1fixed
sid, trixie1.6-2fixed

The information below is based on the following data on fixed versions.

PackageTypeReleaseFixed VersionUrgencyOriginDebian Bugs
tracsourceetch0.10.3-1etch4
tracsource(unstable)0.11-1

Search for package or bug name: Reporting problems