id,summary,reporter,owner,description,type,status,priority,milestone,component,version,severity,resolution,keywords,cc,branch,changelog,apichanges,internalchanges
4049,CSRF vulnerabilities in trac,dkg-debian.org@…,Jonas Borgström,"Despite [1701], trac appears to still be vulnerable to a fairly widespread class of Cross Site Request Forgery attacks. These attacks require minimal action by the user: All the user needs to do is: 1. be logged into a targeted trac installation, and 1. visit a malicious remote web site (or click a malicious remote link) with the same browser. Because these attacks make use of the browser's cached credentials, and they are launched from the browser (not from the malicious remote site), firewalls and other perimeter restrictions are not useful against them. I've put a demonstration of this attack up [http://lair.fifthhorseman.net/~dkg/testing/trac-exploit/frame.html here], along with details of how trac might be modified to protect against such an attack. Please let me know if I can be of any help fixing this.",defect,closed,high,0.10.2,general,0.10,critical,fixed,CSRF security,dkg-debian.org@…,,,,