Описание
Cross-site scripting (XSS) vulnerability in MantisBT before 1.2.19 and 1.3.x before 1.3.0-beta.2 allows remote attackers to inject arbitrary web script or HTML via the url parameter to permalink_page.php.
Ссылки
- Mailing ListPatchThird Party Advisory
- Issue TrackingPatchThird Party AdvisoryVDB Entry
- PatchThird Party Advisory
- PatchThird Party Advisory
- Vendor Advisory
- Vendor Advisory
- Mailing ListPatchThird Party Advisory
- Issue TrackingPatchThird Party AdvisoryVDB Entry
- PatchThird Party Advisory
- PatchThird Party Advisory
- Vendor Advisory
- Vendor Advisory
Уязвимые конфигурации
Одно из
EPSS
6.5 Medium
CVSS3
4.3 Medium
CVSS2
Дефекты
Связанные уязвимости
Cross-site scripting (XSS) vulnerability in MantisBT before 1.2.19 and 1.3.x before 1.3.0-beta.2 allows remote attackers to inject arbitrary web script or HTML via the url parameter to permalink_page.php.
Cross-site scripting (XSS) vulnerability in MantisBT before 1.2.19 and ...
Cross-site scripting (XSS) vulnerability in MantisBT before 1.2.19 and 1.3.x before 1.3.0-beta.2 allows remote attackers to inject arbitrary web script or HTML via the url parameter to permalink_page.php.
EPSS
6.5 Medium
CVSS3
4.3 Medium
CVSS2