Описание
A cross-site scripting (XSS) vulnerability in the configuration report page (adm_config_report.php) in MantisBT 1.2.13 allows remote authenticated users to inject arbitrary web script or HTML via a project name.
| Релиз | Статус | Примечание |
|---|---|---|
| devel | not-affected | 1.2.11-1.2 |
| hardy | not-affected | |
| lucid | not-affected | |
| oneiric | not-affected | |
| precise | not-affected | |
| quantal | not-affected | |
| upstream | needs-triage |
Показывать по
EPSS
3.5 Low
CVSS2
5.4 Medium
CVSS3
Связанные уязвимости
A cross-site scripting (XSS) vulnerability in the configuration report page (adm_config_report.php) in MantisBT 1.2.13 allows remote authenticated users to inject arbitrary web script or HTML via a project name.
A cross-site scripting (XSS) vulnerability in the configuration report ...
A cross-site scripting (XSS) vulnerability in the configuration report page (adm_config_report.php) in MantisBT 1.2.13 allows remote authenticated users to inject arbitrary web script or HTML via a project name.
EPSS
3.5 Low
CVSS2
5.4 Medium
CVSS3