High severityNVD Advisory· Published Nov 14, 2006· Updated Jun 16, 2026
CVE-2006-5878
CVE-2006-5878
Description
Cross-site request forgery (CSRF) vulnerability in Edgewall Trac 0.10 and earlier allows remote attackers to perform unauthorized actions as other users via unknown vectors.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
tracPyPI | < 0.10.1 | 0.10.1 |
Affected products
24cpe:2.3:a:edgewall_software:trac:*:*:*:*:*:*:*:*+ 22 more
- cpe:2.3:a:edgewall_software:trac:*:*:*:*:*:*:*:*range: <=0.10
- cpe:2.3:a:edgewall_software:trac:0.5:*:*:*:*:*:*:*
- cpe:2.3:a:edgewall_software:trac:0.50.9:*:*:*:*:*:*:*
- cpe:2.3:a:edgewall_software:trac:0.5.1:*:*:*:*:*:*:*
- cpe:2.3:a:edgewall_software:trac:0.5.2:*:*:*:*:*:*:*
- cpe:2.3:a:edgewall_software:trac:0.6:*:*:*:*:*:*:*
- cpe:2.3:a:edgewall_software:trac:0.6.1:*:*:*:*:*:*:*
- cpe:2.3:a:edgewall_software:trac:0.7:*:*:*:*:*:*:*
- cpe:2.3:a:edgewall_software:trac:0.7.1:*:*:*:*:*:*:*
- cpe:2.3:a:edgewall_software:trac:0.8:*:*:*:*:*:*:*
- cpe:2.3:a:edgewall_software:trac:0.8.1:*:*:*:*:*:*:*
- cpe:2.3:a:edgewall_software:trac:0.8.2:*:*:*:*:*:*:*
- cpe:2.3:a:edgewall_software:trac:0.8.3:*:*:*:*:*:*:*
- cpe:2.3:a:edgewall_software:trac:0.8.4:*:*:*:*:*:*:*
- cpe:2.3:a:edgewall_software:trac:0.9:*:*:*:*:*:*:*
- cpe:2.3:a:edgewall_software:trac:0.9.1:*:*:*:*:*:*:*
- cpe:2.3:a:edgewall_software:trac:0.9.2:*:*:*:*:*:*:*
- cpe:2.3:a:edgewall_software:trac:0.9.3:*:*:*:*:*:*:*
- cpe:2.3:a:edgewall_software:trac:0.9.4:*:*:*:*:*:*:*
- cpe:2.3:a:edgewall_software:trac:0.9.5:*:*:*:*:*:*:*
- cpe:2.3:a:edgewall_software:trac:0.9.6:*:*:*:*:*:*:*
- cpe:2.3:a:edgewall_software:trac:0.9b1:*:*:*:*:*:*:*
- cpe:2.3:a:edgewall_software:trac:0.9b2:*:*:*:*:*:*:*
Patches
Vulnerability mechanics
References
15- trac.edgewall.org/wiki/ChangeLognvdPatchWEB
- www.debian.org/security/2006/dsa-1209nvdPatchWEB
- github.com/advisories/GHSA-2q26-r8c4-jfx5ghsaADVISORY
- nvd.nist.gov/vuln/detail/CVE-2006-5878ghsaADVISORY
- security.gentoo.org/glsa/glsa-200612-14.xmlnvdWEB
- trac.edgewall.org/ticket/4049nvdWEB
- exchange.xforce.ibmcloud.com/vulnerabilities/30146nvdWEB
- github.com/pypa/advisory-database/tree/main/vulns/trac/PYSEC-2006-3.yamlghsaWEB
- web.archive.org/web/20140724015143/http://secunia.com/advisories/23357ghsaWEB
- web.archive.org/web/20140724111033/http://secunia.com/advisories/22868ghsaWEB
- web.archive.org/web/20140801133247/http://secunia.com/advisories/22789ghsaWEB
- secunia.com/advisories/22789nvd
- secunia.com/advisories/22868nvd
- secunia.com/advisories/23357nvd
- www.vupen.com/english/advisories/2006/4422nvd
News mentions
0No linked articles in our index yet.