| Bug | Description |
|---|
| CVE-2010-5108 | Trac 0.11.6 does not properly check workflow permissions before modify ... |
| CVE-2009-4405 | Multiple unspecified vulnerabilities in Trac before 0.11.6 have unknow ... |
| CVE-2008-5647 | Unspecified vulnerability in the HTML sanitizer filter in Trac before ... |
| CVE-2008-5646 | Unspecified vulnerability in Trac before 0.11.2 allows attackers to ca ... |
| CVE-2008-3328 | Cross-site scripting (XSS) vulnerability in the wiki engine in Trac be ... |
| CVE-2008-2951 | Open redirect vulnerability in the search script in Trac before 0.10.5 ... |
| CVE-2007-1406 | Trac before 0.10.3.1 does not send a Content-Disposition HTTP header s ... |
| CVE-2007-1405 | Cross-site scripting (XSS) vulnerability in the "download wiki page as ... |
| CVE-2006-5878 | Cross-site request forgery (CSRF) vulnerability in Edgewall Trac 0.10 ... |
| CVE-2006-3695 | Trac before 0.9.6 does not disable the "raw" or "include" commands whe ... |
| CVE-2006-2106 | Cross-site scripting (XSS) vulnerability in Edgewall Software Trac 0.9 ... |
| CVE-2005-4644 | Cross-site scripting (XSS) vulnerability in the HTML WikiProcessor in ... |
| CVE-2005-4305 | Cross-site scripting (XSS) vulnerability in Edgewall Trac 0.9, 0.9.1, ... |
| CVE-2005-4065 | SQL injection vulnerability in the search module in Edgewall Trac befo ... |
| CVE-2005-3980 | SQL injection vulnerability in the ticket query module in Edgewall Tra ... |
| CVE-2005-2147 | Trac before 0.8.4 allows remote attackers to read or upload arbitrary ... |
| CVE-2005-2007 | Directory traversal vulnerability in Edgewall Trac 0.8.3 and earlier a ... |