Количество 4
Количество 4
CVE-2017-7309
A cross-site scripting (XSS) vulnerability in the MantisBT Configuration Report page (adm_config_report.php) allows remote attackers to inject arbitrary code (if CSP settings permit it) through a crafted 'config_option' parameter. This is fixed in 1.3.9, 2.1.3, and 2.2.3.
CVE-2017-7309
A cross-site scripting (XSS) vulnerability in the MantisBT Configuration Report page (adm_config_report.php) allows remote attackers to inject arbitrary code (if CSP settings permit it) through a crafted 'config_option' parameter. This is fixed in 1.3.9, 2.1.3, and 2.2.3.
CVE-2017-7309
A cross-site scripting (XSS) vulnerability in the MantisBT Configurati ...
GHSA-4w6c-3hcx-rfj5
MantisBT vulnerable to XSS through config_option parameter in adm_config_report.php
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVE-2017-7309 A cross-site scripting (XSS) vulnerability in the MantisBT Configuration Report page (adm_config_report.php) allows remote attackers to inject arbitrary code (if CSP settings permit it) through a crafted 'config_option' parameter. This is fixed in 1.3.9, 2.1.3, and 2.2.3. | CVSS3: 4.8 | 2% Низкий | почти 9 лет назад |
 | CVE-2017-7309 A cross-site scripting (XSS) vulnerability in the MantisBT Configuration Report page (adm_config_report.php) allows remote attackers to inject arbitrary code (if CSP settings permit it) through a crafted 'config_option' parameter. This is fixed in 1.3.9, 2.1.3, and 2.2.3. | CVSS3: 4.8 | 2% Низкий | почти 9 лет назад |
| CVE-2017-7309 A cross-site scripting (XSS) vulnerability in the MantisBT Configurati ... | CVSS3: 4.8 | 2% Низкий | почти 9 лет назад |
| GHSA-4w6c-3hcx-rfj5 MantisBT vulnerable to XSS through config_option parameter in adm_config_report.php | CVSS3: 4.8 | 2% Низкий | больше 3 лет назад |
Уязвимостей на страницу