Trac < 0.11.6 Multiple Vulnerabilities
Medium Nessus Network Monitor Plugin ID 5297
SynopsisThe remote web server is hosting an application that is vulnerable to multiple attack vectors.
DescriptionThe remote web server is hosting Trac, a web-based software management application. The installed version of Trac is earlier than 0.11.6. Such versions are potentially affected by multiple vulnerabilities :
- Fixed the policy checks in report results when using alternate formats.
- Added a check for the 'raw' role that is missing in docutils < 0.6.
SolutionUpgrade to Trac 0.11.6 or later.