CVE-2005-4305 | Vulnerability Database | Aqua Security

NVD

https://nvd.nist.gov/vuln/detail/CVE-2005-4305

CWE

https://cwe.mitre.org/data/definitions/NVD-Other.html

Cross-site scripting (XSS) vulnerability in Edgewall Trac 0.9, 0.9.1, and 0.9.2 allows remote attackers to inject arbitrary web script or HTML via the URL, which is not properly sanitized before it is returned in an error page.

Affected Software

Name	Vendor	Start Version	End Version
Trac	Edgewall_software	0.9 (including)	0.9 (including)
Trac	Edgewall_software	0.9.1 (including)	0.9.1 (including)
Trac	Edgewall_software	0.9.2 (including)	0.9.2 (including)

References

http://projects.edgewall.com/trac/wiki/ChangeLog
http://secunia.com/advisories/18048
http://secunia.com/advisories/18625
http://securitytracker.com/id?1015363
http://www.gentoo.org/security/en/glsa/glsa-200601-12.xml
http://www.securityfocus.com/bid/16386
http://www.vupen.com/english/advisories/2005/2936
https://exchange.xforce.ibmcloud.com/vulnerabilities/23775