CVE-2009-2802

Опубликовано: 09 нояб. 2019

Источник: debian

Описание

MantisBT 1.2.x before 1.2.2 insecurely handles attachments and MIME types. Arbitrary inline attachment rendering could lead to cross-domain scripting or other browser attacks.

Пакеты

Пакет	Статус	Версия исправления	Релиз	Тип
mantis	not-affected			package

Примечания

http://www.mantisbt.org/bugs/view.php?id=11952
http://www.mantisbt.org/blog/?p=113

Связанные уязвимости

CVE-2009-2802

CVSS3: 6.1

ubuntu

около 6 лет назад

MantisBT 1.2.x before 1.2.2 insecurely handles attachments and MIME types. Arbitrary inline attachment rendering could lead to cross-domain scripting or other browser attacks.

CVE-2009-2802

CVSS3: 6.1

nvd

около 6 лет назад

MantisBT 1.2.x before 1.2.2 insecurely handles attachments and MIME types. Arbitrary inline attachment rendering could lead to cross-domain scripting or other browser attacks.

GHSA-xcfc-9gm4-cqj8

github

больше 3 лет назад

MantisBT 1.2.x before 1.2.2 insecurely handles attachments and MIME types. Arbitrary inline attachment rendering could lead to cross-domain scripting or other browser attacks.