Vulnerabilities > Edgewall Software > Trac > 0.9.6
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2008-07-27 | CVE-2008-3328 | Cross-Site Scripting vulnerability in Edgewall Software Trac Cross-site scripting (XSS) vulnerability in the wiki engine in Trac before 0.10.5 allows remote attackers to inject arbitrary web script or HTML via unknown vectors. | 4.3 |
| 2006-11-14 | CVE-2006-5878 | Cross-Site Request Forgery vulnerability in Trac Cross-site request forgery (CSRF) vulnerability in Edgewall Trac 0.10 and earlier allows remote attackers to perform unauthorized actions as other users via unknown vectors. | 7.5 |