Опубликовано: 01 мая 2022
Источник: github
Github: Прошло ревью
CVSS4: 6.9
CVSS3: 5.3
Описание
Trac missing Content-Disposition HTTP header
Trac before 0.10.3.1 does not send a Content-Disposition HTTP header specifying an attachment in certain "unsafe" situations, which has unknown impact and remote attack vectors.
Пакеты
Наименование
trac
pip
Затронутые версииВерсия исправления
< 0.10.3.1
0.10.3.1
Связанные уязвимости
ubuntu
больше 18 лет назад
Trac before 0.10.3.1 does not send a Content-Disposition HTTP header specifying an attachment in certain "unsafe" situations, which has unknown impact and remote attack vectors.
nvd
больше 18 лет назад
Trac before 0.10.3.1 does not send a Content-Disposition HTTP header specifying an attachment in certain "unsafe" situations, which has unknown impact and remote attack vectors.
debian
больше 18 лет назад
Trac before 0.10.3.1 does not send a Content-Disposition HTTP header s ...