Lucene search
MitreCVELIST:CVE-2017-7897HistoryApr 18, 2017 - 5:00 p.m.
CVE-2017-7897
2017-04-1817:00:00
mitre
www.cve.org
1
0.002 Low
EPSS
Percentile
60.3%
A cross-site scripting (XSS) vulnerability in the MantisBT (2.3.x before 2.3.2) Timeline include page, used in My View (my_view_page.php) and User Information (view_user_page.php) pages, allows remote attackers to inject arbitrary code (if CSP settings permit it) through crafted PATH_INFO in a URL, due to use of unsanitized $_SERVER[‘PHP_SELF’] to generate URLs.
Related
prion
prion
Cross site scripting
2017-04-18 17:59:00
ubuntucve
ubuntucve
CVE-2017-7897
2017-04-18 00:00:00
openvas
openvas
MantisBT 2.3.x < 2.3.2 XSS Vulnerability - Windows
2017-04-21 00:00:00
MantisBT 2.3.x < 2.3.2 XSS Vulnerability - Linux
2017-04-21 00:00:00
osv
osv
CVE-2017-7897
2017-04-18 17:59:00
nvd
nvd
CVE-2017-7897
2017-04-18 17:59:00
cve
cve
CVE-2017-7897
2017-04-18 17:59:00