MantisBT Cross-site Scripting vulnerability

🗓️ 14 May 2022 02:44:24Reported by GitHub Advisory DatabaseType

Cross-site scripting vulnerability in MantisBT allows code injection via Add Category action.

Reporter	Title	Published	Views	Family All 27
Tenable Nessus	Mantis 1.2.x < 1.2.3 Cross-Site Scripting Vulnerability	30 Sep 201000:00	–	nessus
Tenable Nessus	Fedora 14 : mantis-1.1.8-4.fc14 (2010-15061)	6 Oct 201000:00	–	nessus
Tenable Nessus	Fedora 12 : mantis-1.1.8-4.fc12 (2010-15080)	6 Oct 201000:00	–	nessus
Tenable Nessus	Fedora 13 : mantis-1.1.8-4.fc13 (2010-15082)	6 Oct 201000:00	–	nessus
CVE	CVE-2010-2574	9 Aug 201020:00	–	cve
Cvelist	CVE-2010-2574	9 Aug 201020:00	–	cvelist
EUVD	EUVD-2010-2578	7 Oct 202500:30	–	euvd
Fedora	[SECURITY] Fedora 12 Update: mantis-1.1.8-4.fc12	30 Sep 201010:26	–	fedora
Fedora	[SECURITY] Fedora 14 Update: mantis-1.1.8-4.fc14	30 Sep 201006:08	–	fedora
Fedora	[SECURITY] Fedora 13 Update: mantis-1.1.8-4.fc13	30 Sep 201010:30	–	fedora

Vulners

Node

mantisbt mantisbtRange≤1.2.2composer

Source	Link
nvd	www.nvd.nist.gov/vuln/detail/CVE-2010-2574
lists	www.lists.fedoraproject.org/pipermail/package-announce/2010-September/048548.html
lists	www.lists.fedoraproject.org/pipermail/package-announce/2010-September/048639.html
lists	www.lists.fedoraproject.org/pipermail/package-announce/2010-September/048659.html
mantisbt	www.mantisbt.org/bugs/changelog_page.php
mantisbt	www.mantisbt.org/bugs/view.php
openwall	www.openwall.com/lists/oss-security/2010/09/14/12
openwall	www.openwall.com/lists/oss-security/2010/09/14/13
web	www.web.archive.org/web/20200515131055/http://www.securityfocus.com/archive/1/512886/100/0/threaded
github	www.github.com/advisories/GHSA-74x7-mfvg-h2wf

12 Apr 2025 01:36Current

5.6Medium risk

Vulners AI Score5.6

CVSS 22.1

EPSS0.00421