Описание
An issue was discovered in MantisBT through 2.24.3. In the helper_ensure_confirmed call in manage_custom_field_update.php, the custom field name is not sanitized. This may be problematic depending on CSP settings.
Пакеты
| Пакет | Статус | Версия исправления | Релиз | Тип |
|---|---|---|---|---|
| mantis | removed | package |
EPSS
Процентиль: 52%
0.00285
Низкий
Связанные уязвимости
CVSS3: 6.1
nvd
почти 5 лет назад
An issue was discovered in MantisBT through 2.24.3. In the helper_ensure_confirmed call in manage_custom_field_update.php, the custom field name is not sanitized. This may be problematic depending on CSP settings.
EPSS
Процентиль: 52%
0.00285
Низкий