Facebook Google Plus Twitter LinkedIn YouTube RSS Menu Search Resource - BlogResource - WebinarResource - ReportResource - Eventicons_066 icons_067icons_068icons_069icons_070

Trac < 0.11.6 Multiple Vulnerabilities

Medium

Synopsis

The remote web server is hosting an application that is vulnerable to multiple attack vectors.

Description

The remote web server is hosting Trac, a web-based software management application. The installed version of Trac is earlier than 0.11.6. Such versions are potentially affected by multiple vulnerabilities :

- Fixed the policy checks in report results when using alternate formats.

- Added a check for the 'raw' role that is missing in docutils < 0.6.

Solution

Upgrade to Trac 0.11.6 or later.