Lucene search
PRIOn knowledge basePRION:CVE-2017-7222HistoryMar 22, 2017 - 5:59 a.m.
Cross site scripting
2017-03-2205:59:00
PRIOn knowledge base
www.prio-n.com
7
0.001 Low
EPSS
Percentile
47.3%
A cross-site scripting (XSS) vulnerability in MantisBT before 2.1.1 allows remote attackers to inject arbitrary HTML or JavaScript (if MantisBT’s CSP settings permit it) by modifying ‘window_title’ in the application configuration. This requires privileged access to MantisBT configuration management pages (i.e., administrator access rights) or altering the system configuration file (config_inc.php).
Related
openvas
openvas
MantisBT < 2.1.1 'view_type' XSS Vulnerability - Linux
2017-03-23 00:00:00
MantisBT < 2.1.1 'view_type' XSS Vulnerability - Windows
2017-03-23 00:00:00
cvelist
cvelist
CVE-2017-7222
2017-03-22 05:31:00
ubuntucve
ubuntucve
CVE-2017-7222
2017-03-22 00:00:00
cve
cve
CVE-2017-7222
2017-03-22 05:59:00
nvd
nvd
CVE-2017-7222
2017-03-22 05:59:00
osv
osv
CVE-2017-7222
2017-03-22 05:59:00
nessus
nessus
MantisBT 2.2.x < 2.2.1 Multiple XSS
2017-03-15 00:00:00