FreeBSD : trac -- XSS vulnerability (e546c7ce-ce46-11db-bc24-0016179b2dd5)

This script is Copyright (C) 2007-2014 Tenable Network Security, Inc.


Synopsis :

The remote FreeBSD host is missing one or more security-related
updates.

Description :

Secunia reports :

The vulnerability is caused due to an error within the 'download wiki
page as text' function, which can be exploited to execute arbitrary
HTML and script code in a user's browser session in context of an
affected site.

Successful exploitation may require that the victim uses IE.

See also :

http://trac.edgewall.org/wiki/ChangeLog#a0.10.3.1
http://www.nessus.org/u?31106761

Solution :

Update the affected packages.

Risk factor :

High

Family: FreeBSD Local Security Checks

Nessus Plugin ID: 24799 (freebsd_pkg_e546c7cece4611dbbc240016179b2dd5.nasl)

Bugtraq ID:

CVE ID:

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now