Описание
Cross-site scripting (XSS) vulnerability in MantisBT 1.2.13 and later before 1.2.20.
Пакеты
| Пакет | Статус | Версия исправления | Релиз | Тип |
|---|---|---|---|---|
| mantis | removed | package | ||
| mantis | no-dsa | wheezy | package | |
| mantis | end-of-life | squeeze | package |
Примечания
Upstream patch: https://github.com/mantisbt/mantisbt/commit/6defeed5 (1.2.x)
https://www.mantisbt.org/bugs/view.php?id=19301
https://www.openwall.com/lists/oss-security/2015/02/09/10
CVE for specific portion of the original May 2014 adm_config_report.php discovery
that remains present in version 1.2.18 and 1.2.19
EPSS
Процентиль: 59%
0.00374
Низкий
Связанные уязвимости
CVSS3: 6.1
ubuntu
больше 8 лет назад
Cross-site scripting (XSS) vulnerability in MantisBT 1.2.13 and later before 1.2.20.
CVSS3: 6.1
nvd
больше 8 лет назад
Cross-site scripting (XSS) vulnerability in MantisBT 1.2.13 and later before 1.2.20.
CVSS3: 6.1
github
больше 3 лет назад
Cross-site scripting (XSS) vulnerability in MantisBT 1.2.13 and later before 1.2.20.
EPSS
Процентиль: 59%
0.00374
Низкий