Количество 4
Количество 4
CVE-2014-9272
The string_insert_href function in MantisBT 1.2.0a1 through 1.2.x before 1.2.18 does not properly validate the URL protocol, which allows remote attackers to conduct cross-site scripting (XSS) attacks via the javascript:// protocol.
CVE-2014-9272
The string_insert_href function in MantisBT 1.2.0a1 through 1.2.x before 1.2.18 does not properly validate the URL protocol, which allows remote attackers to conduct cross-site scripting (XSS) attacks via the javascript:// protocol.
CVE-2014-9272
The string_insert_href function in MantisBT 1.2.0a1 through 1.2.x befo ...
GHSA-4wpx-6f47-3389
The string_insert_href function in MantisBT 1.2.0a1 through 1.2.x before 1.2.18 does not properly validate the URL protocol, which allows remote attackers to conduct cross-site scripting (XSS) attacks via the javascript:// protocol.
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVE-2014-9272 The string_insert_href function in MantisBT 1.2.0a1 through 1.2.x before 1.2.18 does not properly validate the URL protocol, which allows remote attackers to conduct cross-site scripting (XSS) attacks via the javascript:// protocol. | CVSS2: 4.3 | 0% Низкий | около 11 лет назад |
 | CVE-2014-9272 The string_insert_href function in MantisBT 1.2.0a1 through 1.2.x before 1.2.18 does not properly validate the URL protocol, which allows remote attackers to conduct cross-site scripting (XSS) attacks via the javascript:// protocol. | CVSS2: 4.3 | 0% Низкий | около 11 лет назад |
| CVE-2014-9272 The string_insert_href function in MantisBT 1.2.0a1 through 1.2.x befo ... | CVSS2: 4.3 | 0% Низкий | около 11 лет назад |
| GHSA-4wpx-6f47-3389 The string_insert_href function in MantisBT 1.2.0a1 through 1.2.x before 1.2.18 does not properly validate the URL protocol, which allows remote attackers to conduct cross-site scripting (XSS) attacks via the javascript:// protocol. | 0% Низкий | больше 3 лет назад |
Уязвимостей на страницу