CVE-2005-4644 Information

Description

Cross-site scripting (XSS) vulnerability in the HTML WikiProcessor in Edgewall Trac 0.9.2 allows remote attackers to inject arbitrary web script or HTML via javascript in the SRC attribute of an IMG tag.

Reference

http://projects.edgewall.com/trac/ticket/2473 http://secunia.com/advisories/18465 http://secunia.com/advisories/18555 http://trac.edgewall.org/ticket/2473 http://www.debian.org/security/2006/dsa-951 http://www.securityfocus.com/bid/16198 http://www.vupen.com/english/advisories/2006/0226 https://exchange.xforce.ibmcloud.com/vulnerabilities/24183