This script is Copyright (C) 2008-2016 Tenable Network Security, Inc.
The remote Fedora host is missing a security update.
Update to 0.10.5 to fix two non-critical security issues:
CVE-2008-2951: Open redirect vulnerability in the search script in
Trac before 0.10.5 allows remote attackers to redirect users to
arbitrary websites and conduct phishing attacks via a URL in the q
parameter. CVE-2008-3328: Cross-site scripting (XSS) vulnerability in
the wiki engine in Trac before 0.10.5 allows remote attackers to
inject arbitrary web script or HTML via unknown vectors.
Note that Tenable Network Security has extracted the preceding
description block directly from the Fedora security advisory. Tenable
has attempted to automatically clean and format it as much as possible
without introducing additional issues.
See also :
Update the affected trac package.
Risk factor :
Medium / CVSS Base Score : 5.8
CVSS Temporal Score : 5.0
Public Exploit Available : true