Lucene search
HistoryApr 02, 2006 - 9:04 p.m.
CVE-2006-1577
6.8 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
5.7 Medium
AI Score
Confidence
High
0.025 Low
EPSS
Percentile
90.3%
Multiple cross-site scripting (XSS) vulnerabilities in view_all_set.php in Mantis 1.0.1, 1.0.0rc5, and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) start_day, (2) start_year, and (3) start_month parameters.
Affected configurations
Node
mantismantisMatch1.0
ORmantismantisMatch1.0.0_rc1
ORmantismantisMatch1.0.0_rc2
ORmantismantisMatch1.0.0_rc3
ORmantismantisMatch1.0.0_rc4
ORmantismantisMatch1.0.0a1
ORmantismantisMatch1.0.0a2
ORmantismantisMatch1.0.0a3
ORmantismantisMatch1.0.1
Related
prion
prion
Cross site scripting
2006-04-02 21:04:00
cvelist
cvelist
CVE-2006-1577
2006-04-02 21:00:00
cve
cve
CVE-2006-1577
2006-04-02 21:04:00
ubuntucve
ubuntucve
CVE-2006-1577
2006-04-02 00:00:00
debian
debian
openvas
openvas
Debian: Security Advisory (DSA-1133-1)
2008-01-17 00:00:00
Debian Security Advisory DSA 1133-1 (mantis)
2008-01-17 00:00:00
nessus
nessus
Debian DSA-1133-1 : mantis - missing input sanitising
2006-10-14 00:00:00
osv
osv
mantis - cross site scripting
2006-08-01 00:00:00
6.8 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
5.7 Medium
AI Score
Confidence
High
0.025 Low
EPSS
Percentile
90.3%
Related for NVD:CVE-2006-1577