Sign in Subscribe

← All advisories

Moderate severityNVD Advisory· Published Dec 17, 2008· Updated Apr 23, 2026

CVE-2008-5647

CVE-2008-5647

Description

Unspecified vulnerability in the HTML sanitizer filter in Trac before 0.11.2 allows attackers to conduct phishing attacks via unknown attack vectors.

Affected packages

Versions sourced from the GitHub Security Advisory.

Package	Affected versions	Patched versions
TracPyPI	< 0.11.2	0.11.2

Affected products

32

Trac/Trac31 versions
cpe:2.3:a:trac:trac:*:*:*:*:*:*:*:*+ 30 more
- cpe:2.3:a:trac:trac:*:*:*:*:*:*:*:*
- cpe:2.3:a:trac:trac:0.10:*:*:*:*:*:*:*
- cpe:2.3:a:trac:trac:0.10.1:*:*:*:*:*:*:*
- cpe:2.3:a:trac:trac:0.10.2:*:*:*:*:*:*:*
- cpe:2.3:a:trac:trac:0.10.3:*:*:*:*:*:*:*
- cpe:2.3:a:trac:trac:0.10.3.1:*:*:*:*:*:*:*
- cpe:2.3:a:trac:trac:0.10.4:*:*:*:*:*:*:*
- cpe:2.3:a:trac:trac:0.10.5:*:*:*:*:*:*:*
- cpe:2.3:a:trac:trac:0.11:*:*:*:*:*:*:*
- cpe:2.3:a:trac:trac:0.11.2:*:*:*:*:*:*:*
- cpe:2.3:a:trac:trac:0.5:*:*:*:*:*:*:*
- cpe:2.3:a:trac:trac:0.5.1:*:*:*:*:*:*:*
- cpe:2.3:a:trac:trac:0.5.2:*:*:*:*:*:*:*
- cpe:2.3:a:trac:trac:0.6:*:*:*:*:*:*:*
- cpe:2.3:a:trac:trac:0.6.1:*:*:*:*:*:*:*
- cpe:2.3:a:trac:trac:0.7:*:*:*:*:*:*:*
- cpe:2.3:a:trac:trac:0.7.1:*:*:*:*:*:*:*
- cpe:2.3:a:trac:trac:0.8:*:*:*:*:*:*:*
- cpe:2.3:a:trac:trac:0.8.1:*:*:*:*:*:*:*
- cpe:2.3:a:trac:trac:0.8.2:*:*:*:*:*:*:*
- cpe:2.3:a:trac:trac:0.8.3:*:*:*:*:*:*:*
- cpe:2.3:a:trac:trac:0.8.4:*:*:*:*:*:*:*
- cpe:2.3:a:trac:trac:0.9:*:*:*:*:*:*:*
- cpe:2.3:a:trac:trac:0.9.1:*:*:*:*:*:*:*
- cpe:2.3:a:trac:trac:0.9.2:*:*:*:*:*:*:*
- cpe:2.3:a:trac:trac:0.9.3:*:*:*:*:*:*:*
- cpe:2.3:a:trac:trac:0.9.4:*:*:*:*:*:*:*
- cpe:2.3:a:trac:trac:0.9.5:*:*:*:*:*:*:*
- cpe:2.3:a:trac:trac:0.9.6:*:*:*:*:*:*:*
- cpe:2.3:a:trac:trac:0.9:b1:*:*:*:*:*:*
- cpe:2.3:a:trac:trac:0.9:b2:*:*:*:*:*:*
ghsa-coords
pkg:pypi/trac
Range: < 0.11.2

Patches

0

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

10

secunia.com/advisories/32652nvdVendor Advisory
github.com/advisories/GHSA-ww53-wxxr-8f9wghsaADVISORY
nvd.nist.gov/vuln/detail/CVE-2008-5647ghsaADVISORY
trac.edgewall.org/wiki/ChangeLognvdWEB
exchange.xforce.ibmcloud.com/vulnerabilities/46491nvdWEB
github.com/pypa/advisory-database/tree/main/vulns/trac/PYSEC-2008-7.yamlghsaWEB
web.archive.org/web/20140722200717/http://secunia.com/advisories/32652ghsaWEB
web.archive.org/web/20200228023138/http://www.securityfocus.com/bid/32226ghsaWEB
www.securityfocus.com/bid/32226nvd
www.vupen.com/english/advisories/2008/3080nvd

News mentions

0

No linked articles in our index yet.