Lucene search

PRIOn knowledge basePRION:CVE-2016-5364

HistoryFeb 17, 2017 - 5:59 p.m.

Cross site scripting

2017-02-1717:59:00

PRIOn knowledge base

www.prio-n.com

6.1 Medium

AI Score

Confidence

High

0.002 Low

EPSS

Percentile

61.6%

JSON

Cross-site scripting (XSS) vulnerability in manage_custom_field_edit_page.php in MantisBT 1.2.19 and earlier allows remote attackers to inject arbitrary web script or HTML via the return parameter.

CPENameOperatorVersion
mantisbtle1.2.19

CPE	Name	Operator	Version
	mantisbt	le	1.2.19

References

www.openwall.com/lists/oss-security/2016/06/11/5

github.com/mantisbt/mantisbt/commit/11ab3d6c82a1d3a89b1024f77349fb60a83743c5

github.com/mantisbt/mantisbt/commit/5068df2dcf79c34741c746c9b27e0083f2a374da

mantisbt.org/bugs/view.php?id=20956