CVE-2009-2802

Опубликовано: 09 нояб. 2019

Источник: ubuntu

Приоритет: medium

CVSS2: 4.3

CVSS3: 6.1

Описание

MantisBT 1.2.x before 1.2.2 insecurely handles attachments and MIME types. Arbitrary inline attachment rendering could lead to cross-domain scripting or other browser attacks.

Релиз	Статус	Примечание
devel	DNE
esm-infra-legacy/trusty	DNE
precise	not-affected	1.2.10-1
trusty	DNE
trusty/esm	DNE
upstream	released	1.2.2
vivid	DNE

Показывать по

Ссылки на источники

4.3 Medium

CVSS2

6.1 Medium

CVSS3

Связанные уязвимости

CVE-2009-2802

CVSS3: 6.1

nvd

около 6 лет назад

MantisBT 1.2.x before 1.2.2 insecurely handles attachments and MIME types. Arbitrary inline attachment rendering could lead to cross-domain scripting or other browser attacks.

CVE-2009-2802

CVSS3: 6.1

debian

около 6 лет назад

MantisBT 1.2.x before 1.2.2 insecurely handles attachments and MIME ty ...

GHSA-xcfc-9gm4-cqj8

github

почти 4 года назад

MantisBT 1.2.x before 1.2.2 insecurely handles attachments and MIME types. Arbitrary inline attachment rendering could lead to cross-domain scripting or other browser attacks.

4.3 Medium

CVSS2

6.1 Medium

CVSS3

CVE-2009-2802

Описание

Пакет mantis

Ссылки на источники

Связанные уязвимости