DSA-1209 trac - cross-site request forgery
13th Nov 2006, 20:08 GMT
It was discovered that Trac, a wiki and issue tracking system for software development projects, performs insufficient validation against cross-site request forgery, which might lead to an attacker being able to perform manipulation of a Trac site with the privileges of the attacked Trac user.
DSA-1209 trac - cross-site request forgery related news:
- DSA-1209 trac — Debian Security
- DSA 1209-2: New trac packages fix cross-site request forgery — Linux Compatible
- Debian Security Advisory - trac (DSA 1209-1 ) — Help Net Security - Advisories
- Debian Security Advisory - trac (DSA 1209-2) — Help Net Security - Advisories
- Debian Security Advisory - trac (DSA 1209-1) — Help Net Security - Advisories
- Security updates for Monday — LWN.net
- Tuesday's security advisories — LWN.net
- Track Data Corporation: Track Data's Track ECN to Quote on NSX BLADE — Market Wire - Financial Services
- Vuln: IBM WebSphere FaultFactor Cross-Site Scripting Vulnerability — SecurityFocus Vulnerabilities
- Silavwe Pleads Not Guilty to Theft, Forgery Charges — AllAfrica News: Zambia