CVE-2005-3337

2005-10-2704:00:00

mitre

www.cve.org

5.6 Medium

AI Score

Confidence

High

0.004 Low

EPSS

Percentile

75.0%

JSON

Multiple cross-site scripting (XSS) vulnerabilities in Mantis before 0.19.3 allow remote attackers to inject arbitrary web script or HTML via (1) unknown vectors involving Javascript and (2) mantis/view_all_set.php.

References

bugs.mantisbt.org/changelog_page.php

secunia.com/advisories/17362

sourceforge.net/project/shownotes.php?release_id=362673

www.gentoo.org/security/en/glsa/glsa-200510-24.xml

www.osvdb.org/20321