2 matches found
CVE-2005-3090
Cross-site scripting XSS vulnerability in bugactiongrouppage.php in Mantis 0.19.0a1 through 1.0.0a3 allows remote attackers to inject arbitrary web script or HTML via the summary of the bug, which is not quoted when viewallbugpage.php is used to delete the bug, as identified by bug0006002, a...
CVE-2005-3090
The CVE-2005-3090 entry describes an XSS vulnerability in Mantis (bug_actiongroup_page.php) affecting 0.19.0a1–1.0.0a3. An attacker can inject arbitrary script/HTML via the bug summary when view_all_bug_page.php is used to delete a bug, since the summary is not quoted. No specific exploit details...