Summary
Trac is prone to a security-bypass vulnerability.
Attackers can exploit this issue to bypass certain security restrictions and perform unauthorized actions.
Versions prior to Trac 0.11.7 are vulnerable.
Solution
The vendor has released an update. Please see the references for details.
References
Updated on 2017-03-28
Severity
Classification
-
CVSS Base Score: 5.0
AV:N/AC:L/Au:N/C:N/I:P/A:N
Related Vulnerabilities
- IBM WebSphere Application Server (WAS) Multiple Vulnerabilities 02 - March 2011
- Apache Tomcat Multiple Vulnerabilities January 2010
- CUPS Information Disclosure Vulnerability
- IBM WebSphere Application Multiple Vulnerabilities Jul-11
- Apache 'Options' and 'AllowOverride' Directives Security Bypass Vulnerability