Описание
Cross-site scripting (XSS) vulnerability in the filter_draw_selection_area2 function in core/filter_api.php in MantisBT 1.2.12 before 1.2.13 allows remote attackers to inject arbitrary web script or HTML via the match_type parameter to bugs/search.php.
| Релиз | Статус | Примечание |
|---|---|---|
| devel | not-affected | 1.2.11-1.2 |
| hardy | ignored | end of life |
| lucid | not-affected | 1.1.8+dfsg-4 |
| oneiric | not-affected | 1.2.8-1 |
| precise | not-affected | 1.2.10-1 |
| quantal | not-affected | 1.2.11-1.1 |
| upstream | released | 1.2.13 |
Показывать по
EPSS
4.3 Medium
CVSS2
Связанные уязвимости
Cross-site scripting (XSS) vulnerability in the filter_draw_selection_area2 function in core/filter_api.php in MantisBT 1.2.12 before 1.2.13 allows remote attackers to inject arbitrary web script or HTML via the match_type parameter to bugs/search.php.
Cross-site scripting (XSS) vulnerability in the filter_draw_selection_ ...
Cross-site scripting (XSS) vulnerability in the filter_draw_selection_area2 function in core/filter_api.php in MantisBT 1.2.12 before 1.2.13 allows remote attackers to inject arbitrary web script or HTML via the match_type parameter to bugs/search.php.
EPSS
4.3 Medium
CVSS2