—

PYSEC-2006-3

상세

Cross-site request forgery (CSRF) vulnerability in Edgewall Trac 0.10 and earlier allows remote attackers to perform unauthorized actions as other users via unknown vectors.

이 버전이 영향받나요?

사용 중인 패키지 버전을 입력하면 즉시 평가합니다.

영향 패키지

PyPI / trac

최초 영향 버전: 0 수정 버전: 0.11

수정 pip install --upgrade 'trac>=0.11'

참고

http://trac.edgewall.org/wiki/ChangeLog [WEB]
http://www.debian.org/security/2006/dsa-1209 [ADVISORY]
http://secunia.com/advisories/22789 [ADVISORY]
http://secunia.com/advisories/22868 [ADVISORY]
http://trac.edgewall.org/ticket/4049 [WEB]
http://security.gentoo.org/glsa/glsa-200612-14.xml [ADVISORY]
http://secunia.com/advisories/23357 [ADVISORY]
http://www.vupen.com/english/advisories/2006/4422 [ADVISORY]
https://exchange.xforce.ibmcloud.com/vulnerabilities/30146 [WEB]
https://github.com/advisories/GHSA-2q26-r8c4-jfx5 [ADVISORY]