2 matches found
CVE-2013-1932
CVE-2013-1932 affects MantisBT 1.2.13. The OpenVAS entries and NVD description confirm a cross-site scripting (XSS) vulnerability in the configuration report page (adm_config_report.php) that allows remote authenticated users to inject arbitrary script/HTML via the project name. The Nessus NASL i...
MantisBT 1.2.x < 1.2.14 adm_config_report.php Multiple Parameter XSS
According to its version number, the MantisBT install hosted on the remote web server is affected by multiple cross-site scripting vulnerabilities : - A flaw exists in on the Configuration Report page in the 'admconfigreport.php' script. CVE-2013-1932 - A flaw exists because the application fails...