CVE-2010-5108

See a problem?
Please try reporting it to the source first.

Source

https://cve.org/CVERecord?id=CVE-2010-5108

Import Source

https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2010-5108.json

JSON Data

https://api.osv.dev/v1/vulns/CVE-2010-5108

Downstream

DEBIAN-CVE-2010-5108

Published

2019-11-13T23:15:10Z

Modified

2026-04-10T03:41:33.893309Z

Severity

7.5 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N CVSS Calculator

Summary

[none]

Details

Trac 0.11.6 does not properly check workflow permissions before modifying a ticket. This can be exploited by an attacker to change the status and resolution of tickets without having proper permissions.

References

http://www.openwall.com/lists/oss-security/2013/02/13/2
https://access.redhat.com/security/cve/cve-2010-5108
https://security-tracker.debian.org/tracker/CVE-2010-5108
http://www.openwall.com/lists/oss-security/2013/02/13/2
https://access.redhat.com/security/cve/cve-2010-5108

CVE-2010-5108

Affected packages