Vulnerabilities
Vulnerable Software
Mantisbt:  >> Mantisbt  >> 1.2.6  Security Vulnerabilities
Multiple cross-site scripting (XSS) vulnerabilities in MantisBT before 1.2.8 allow remote attackers to inject arbitrary web script or HTML via the (1) os, (2) os_build, or (3) platform parameter to (a) bug_report_page.php or (b) bug_update_advanced_page.php, related to use of the Projax library.
CVSS Score
4.3
EPSS Score
0.008
Published
2011-09-21
Cross-site scripting (XSS) vulnerability in bug_actiongroup_ext_page.php in MantisBT before 1.2.8 allows remote attackers to inject arbitrary web script or HTML via the action parameter, related to bug_actiongroup_page.php, a different vulnerability than CVE-2011-3357.
CVSS Score
4.3
EPSS Score
0.013
Published
2011-09-21
Multiple cross-site scripting (XSS) vulnerabilities in filter_api.php in MantisBT before 1.2.7 allow remote attackers to inject arbitrary web script or HTML via a parameter, as demonstrated by the project_id parameter to search.php.
CVSS Score
4.3
EPSS Score
0.157
Published
2011-09-21
Multiple cross-site scripting (XSS) vulnerabilities in config_defaults_inc.php in MantisBT before 1.2.8 allow remote attackers to inject arbitrary web script or HTML via the PATH_INFO, as demonstrated by the PATH_INFO to (1) manage_config_email_page.php, (2) manage_config_workflow_page.php, or (3) bugs/plugin.php.
CVSS Score
4.3
EPSS Score
0.008
Published
2011-09-21


Contact Us

Shodan ® - All rights reserved