Author: seanius Date: 2006-08-24 19:17:26 +0000 (Thu, 24 Aug 2006) New Revision: 4627 Modified: data/CVE/list Log: notes on CVE-2005-4305/trac Modified: data/CVE/list ==================================================================--- data/CVE/list 2006-08-24 16:15:18 UTC (rev 4626) +++ data/CVE/list 2006-08-24 19:17:26 UTC (rev 4627) @@ -10831,6 +10831,13 @@ NOT-FOR-US: SiteNet BBS CVE-2005-4305 (Cross-site scripting (XSS) vulnerability in Edgewall Trac 0.9, 0.9.1, ...) - trac 0.9.3-1 (bug #344006) + [sarge] - trac <unfixed> (medium) + NOTE: upstream bts at http://trac.edgewall.org/ticket/2473 claims this is + NOTE: fixed in http://trac.edgewall.org/changeset/2724 but it''s a fairly + NOTE: invasive set of patches to backport. basically most instances + NOTE: of input being escape()''d are no longer done so, and instead a + NOTE: Markup() function replaces them, and special checks are done + NOTE: on rendered HTML output to prevent XSS code from being displayed. CVE-2005-4304 (index.php in ezDatabase 2.1.2 and earlier allows remote attackers to ...) NOT-FOR-US: ezDatabase CVE-2005-4303 (SQL injection vulnerability in index.php for ezDatabase 2.1.2 and ...)