VDB
CVE-2006-5878
CVE-2006-5878
PUBLISHED
CVSS 7.5 HIGH
Cross-site request forgery (CSRF) vulnerability in Edgewall Trac 0.10 and earlier allows remote attackers to perform unauthorized actions as other users via unknown vectors.
EPSS 1.82% · 83.2th percentile
Risk Scores
CVSS 2.0
7.5
EPSS Score
1.82%
83.2th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| n/a | n/a | n/a |
| edgewall_software | trac | 0.5, 0.5.2, 0.7 |
| PyPI | trac | 0 |
Timeline
- Nov 14, 2006 CVE Published
- Feb 4, 2022 EPSS Score
- Mar 29, 2022 EPSS Score
- May 20, 2022 EPSS Score
- Jul 12, 2022 EPSS Score
- Sep 4, 2022 EPSS Score
- Oct 26, 2022 EPSS Score
- Dec 18, 2022 EPSS Score
- Feb 9, 2023 EPSS Score
- Apr 3, 2023 EPSS Score
- May 25, 2023 EPSS Score
- Jul 17, 2023 EPSS Score
References
- GLSA-200612-14 vendor-advisory
- 22789 third-party-advisory
- DSA-1209 vendor-advisory
- 23357 third-party-advisory
- ADV-2006-4422 vdb
- trac-unspecified-csrf(30146) vdb
- 22868 third-party-advisory
- http://trac.edgewall.org/ticket/4049 url
- http://trac.edgewall.org/wiki/ChangeLog url
- https://nvd.nist.gov/vuln/detail/CVE-2006-5878 advisory
- https://github.com/pypa/advisory-database/tree/main/vulns/trac/PYSEC-2006-3.yaml url
- https://web.archive.org/web/20140724015143/http://secunia.com/advisories/23357 url
- https://web.archive.org/web/20140724111033/http://secunia.com/advisories/22868 url
- https://web.archive.org/web/20140801133247/http://secunia.com/advisories/22789 url