CVE-2013-4460

Опубликовано: 10 янв. 2014

Источник: debian

EPSS Низкий

Описание

Cross-site scripting (XSS) vulnerability in account_sponsor_page.php in MantisBT 1.0.0 through 1.2.15 allows remote authenticated users to inject arbitrary web script or HTML via a project name.

Пакеты

Пакет	Статус	Версия исправления	Релиз	Тип
mantis	removed			package
mantis	end-of-life		squeeze	package

Примечания

http://www.mantisbt.org/bugs/view.php?id=16513

EPSS

Процентиль: 43%

0.00208

Низкий

Связанные уязвимости

CVE-2013-4460

ubuntu

около 12 лет назад

Cross-site scripting (XSS) vulnerability in account_sponsor_page.php in MantisBT 1.0.0 through 1.2.15 allows remote authenticated users to inject arbitrary web script or HTML via a project name.

CVE-2013-4460

nvd

около 12 лет назад

Cross-site scripting (XSS) vulnerability in account_sponsor_page.php in MantisBT 1.0.0 through 1.2.15 allows remote authenticated users to inject arbitrary web script or HTML via a project name.

GHSA-jcwj-vq6r-3g3p

github

больше 3 лет назад

Cross-site scripting (XSS) vulnerability in account_sponsor_page.php in MantisBT 1.0.0 through 1.2.15 allows remote authenticated users to inject arbitrary web script or HTML via a project name.

EPSS

Процентиль: 43%

0.00208

Низкий