Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

github логотип

GHSA-97r3-f3fh-2pjg

Опубликовано: 14 мая 2022
Источник: github
Github: Не прошло ревью

Описание

Multiple cross-site scripting (XSS) vulnerabilities in config_defaults_inc.php in MantisBT before 1.2.8 allow remote attackers to inject arbitrary web script or HTML via the PATH_INFO, as demonstrated by the PATH_INFO to (1) manage_config_email_page.php, (2) manage_config_workflow_page.php, or (3) bugs/plugin.php.

Multiple cross-site scripting (XSS) vulnerabilities in config_defaults_inc.php in MantisBT before 1.2.8 allow remote attackers to inject arbitrary web script or HTML via the PATH_INFO, as demonstrated by the PATH_INFO to (1) manage_config_email_page.php, (2) manage_config_workflow_page.php, or (3) bugs/plugin.php.

Ссылки

EPSS

Процентиль: 74%
0.00825
Низкий

CVE ID

CVE-2011-3356

Дефекты

CWE-79

Связанные уязвимости

ubuntu логотип

CVE-2011-3356

ubuntu
больше 14 лет назад

Multiple cross-site scripting (XSS) vulnerabilities in config_defaults_inc.php in MantisBT before 1.2.8 allow remote attackers to inject arbitrary web script or HTML via the PATH_INFO, as demonstrated by the PATH_INFO to (1) manage_config_email_page.php, (2) manage_config_workflow_page.php, or (3) bugs/plugin.php.

nvd логотип

CVE-2011-3356

nvd
больше 14 лет назад

Multiple cross-site scripting (XSS) vulnerabilities in config_defaults_inc.php in MantisBT before 1.2.8 allow remote attackers to inject arbitrary web script or HTML via the PATH_INFO, as demonstrated by the PATH_INFO to (1) manage_config_email_page.php, (2) manage_config_workflow_page.php, or (3) bugs/plugin.php.

debian логотип

CVE-2011-3356

debian
больше 14 лет назад

Multiple cross-site scripting (XSS) vulnerabilities in config_defaults ...

EPSS

Процентиль: 74%
0.00825
Низкий

CVE ID

CVE-2011-3356

Дефекты

CWE-79