CVE-2007-1405

Source
https://nvd.nist.gov/vuln/detail/CVE-2007-1405
Import Source
https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2007-1405.json
JSON Data
https://api.test.osv.dev/v1/vulns/CVE-2007-1405
Aliases
Published
2007-03-10T22:19:00Z
Modified
2024-09-11T03:14:31.674531Z
Summary
[none]
Details

Cross-site scripting (XSS) vulnerability in the "download wiki page as text" feature in Trac before 0.10.3.1, when Microsoft Internet Explorer is used, allows remote attackers to inject arbitrary web script or HTML via unspecified parameters.

References

Affected packages

Debian:13 / trac

Package

Name
trac
Purl
pkg:deb/debian/trac?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
0.10.4-1

Affected versions

0.*

0.8-1
0.8.1-1
0.8.1-2
0.8.1-3
0.8.1-3sarge1
0.8.1-3sarge2
0.8.1-3sarge3
0.8.1-3sarge4
0.8.1-3sarge5
0.8.1-3sarge6
0.8.1-3sarge7
0.8.3-1
0.8.4-1
0.8.4-2
0.9-1
0.9-0beta1+r2227-1
0.9-0beta2+r2418-1
0.9.1-1
0.9.1-2
0.9.2-1
0.9.3-1
0.9.4-1
0.9.4-2
0.9.4-3
0.9.4+0.10svn20060321-1
0.9.4+0.10svn20060321-2
0.9.4+0.10svn20060321-3
0.9.5-1
0.9.5-1.1
0.9.5-2
0.9.6-1
0.9.6-2
0.9.6-3
0.9.99+0.10svn20060610-1
0.9.99+0.10svn20060626-1
0.9.99+0.10svn20060710-1
0.10~b1-1
0.10-1
0.10-2
0.10-3
0.10.1-1
0.10.1.svn4235-1
0.10.2-1
0.10.3~rc1-1
0.10.3-1~bpo.1
0.10.3-1
0.10.3-1etch1
0.10.3-1etch2
0.10.3-1etch3
0.10.3-1etch4

Ecosystem specific

{
    "urgency": "not yet assigned"
}