—
PYSEC-2008-4
Details
Open redirect vulnerability in the search script in Trac before 0.10.5 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the q parameter, possibly related to the quickjump function.
Are you affected?
Enter the version of the package you're using.
Affected packages
References
- http://holisticinfosec.org/content/view/72/45/ [WEB]
- http://trac.edgewall.org/wiki/ChangeLog [WEB]
- http://www.osvdb.org/46513 [WEB]
- http://www.securityfocus.com/bid/30402 [WEB]
- https://www.redhat.com/archives/fedora-package-announce/2008-July/msg01261.html [WEB]
- http://secunia.com/advisories/31314 [ADVISORY]
- https://www.redhat.com/archives/fedora-package-announce/2008-July/msg01270.html [WEB]
- https://exchange.xforce.ibmcloud.com/vulnerabilities/44043 [WEB]
- https://github.com/advisories/GHSA-rcmj-xp8f-f6q4 [ADVISORY]