exploitDog

GHSA-pg85-jxf5-fj77

Опубликовано: 13 мая 2022

Источник: github

Github: Не прошло ревью

Описание

Cross-site scripting (XSS) vulnerability in helper_api.php in MantisBT 1.1.0a1 through 1.2.x before 1.2.18, when Extended project browser is enabled, allows remote attackers to inject arbitrary web script or HTML via the project cookie.

Cross-site scripting (XSS) vulnerability in helper_api.php in MantisBT 1.1.0a1 through 1.2.x before 1.2.18, when Extended project browser is enabled, allows remote attackers to inject arbitrary web script or HTML via the project cookie.

Ссылки

EPSS

Процентиль: 61%

0.00407

Низкий

CVE ID

Дефекты

CWE-79

Связанные уязвимости

CVE-2014-9269

ubuntu

около 11 лет назад

Cross-site scripting (XSS) vulnerability in helper_api.php in MantisBT 1.1.0a1 through 1.2.x before 1.2.18, when Extended project browser is enabled, allows remote attackers to inject arbitrary web script or HTML via the project cookie.

CVE-2014-9269

nvd

около 11 лет назад

Cross-site scripting (XSS) vulnerability in helper_api.php in MantisBT 1.1.0a1 through 1.2.x before 1.2.18, when Extended project browser is enabled, allows remote attackers to inject arbitrary web script or HTML via the project cookie.

CVE-2014-9269

debian

около 11 лет назад

Cross-site scripting (XSS) vulnerability in helper_api.php in MantisBT ...

EPSS

Процентиль: 61%

0.00407

Низкий

CVE ID

Дефекты

CWE-79