Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

debian логотип

CVE-2014-9571

Опубликовано: 26 янв. 2015
Источник: debian
EPSS Низкий

Описание

Cross-site scripting (XSS) vulnerability in admin/install.php in MantisBT before 1.2.19 and 1.3.x before 1.3.0-beta.2 allows remote attackers to inject arbitrary web script or HTML via the (1) admin_username or (2) admin_password parameter.

Пакеты

ПакетСтатусВерсия исправленияРелизТип
mantisremovedpackage
mantisno-dsawheezypackage
mantisend-of-lifesqueezepackage

Примечания

  • Upstream patch: http://github.com/mantisbt/mantisbt/commit/6d47c047 (1.2.x)

  • https://www.mantisbt.org/bugs/view.php?id=17938

EPSS

Процентиль: 63%
0.00445
Низкий

Связанные уязвимости

ubuntu логотип

CVE-2014-9571

ubuntu
около 11 лет назад

Cross-site scripting (XSS) vulnerability in admin/install.php in MantisBT before 1.2.19 and 1.3.x before 1.3.0-beta.2 allows remote attackers to inject arbitrary web script or HTML via the (1) admin_username or (2) admin_password parameter.

nvd логотип

CVE-2014-9571

nvd
около 11 лет назад

Cross-site scripting (XSS) vulnerability in admin/install.php in MantisBT before 1.2.19 and 1.3.x before 1.3.0-beta.2 allows remote attackers to inject arbitrary web script or HTML via the (1) admin_username or (2) admin_password parameter.

github логотип

GHSA-g3r5-9xj4-995x

github
больше 3 лет назад

Cross-site scripting (XSS) vulnerability in admin/install.php in MantisBT before 1.2.19 and 1.3.x before 1.3.0-beta.2 allows remote attackers to inject arbitrary web script or HTML via the (1) admin_username or (2) admin_password parameter.

EPSS

Процентиль: 63%
0.00445
Низкий