Описание
Multiple cross-site scripting (XSS) vulnerabilities in filter_api.php in MantisBT before 1.2.7 allow remote attackers to inject arbitrary web script or HTML via a parameter, as demonstrated by the project_id parameter to search.php.
| Релиз | Статус | Примечание |
|---|---|---|
| devel | released | 1.2.6-1 |
| hardy | ignored | end of life |
| lucid | not-affected | |
| maverick | not-affected | |
| natty | not-affected | |
| upstream | released | 1.2.6-1, 1.2.7 |
Показывать по
EPSS
4.3 Medium
CVSS2
Связанные уязвимости
Multiple cross-site scripting (XSS) vulnerabilities in filter_api.php in MantisBT before 1.2.7 allow remote attackers to inject arbitrary web script or HTML via a parameter, as demonstrated by the project_id parameter to search.php.
Multiple cross-site scripting (XSS) vulnerabilities in filter_api.php ...
Multiple cross-site scripting (XSS) vulnerabilities in filter_api.php in MantisBT before 1.2.7 allow remote attackers to inject arbitrary web script or HTML via a parameter, as demonstrated by the project_id parameter to search.php.
EPSS
4.3 Medium
CVSS2