Lucene search
K

8 matches found

OpenVAS
OpenVAS
added 2015/09/08 12:0 a.m.36 views

MantisBT 1.1.2 - 1.2.17 XSS Vulnerability - Linux

MantisBT is prone to a cross-site scripting XSS vulnerability. Copyright C 2015 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software...

4.3CVSS5.3AI score0.01995EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2015/01/22 12:0 a.m.70 views

MantisBT 1.2.x < 1.2.18 Multiple Vulnerabilities

According to its version number, the MantisBT application hosted on the remote web server is 1.2.x prior to 1.2.18. It is, therefore, affected by the following vulnerabilities : - Multiple input-validation errors exist that could allow cross-site scripting attacks. CVE-2014-7146, CVE-2014-8986,...

7.5CVSS5.6AI score0.50561EPSS
Exploits15References20
UbuntuCve
UbuntuCve
added 2015/01/09 6:59 p.m.25 views

CVE-2014-9272

The stringinserthref function in MantisBT 1.2.0a1 through 1.2.x before 1.2.18 does not properly validate the URL protocol, which allows remote attackers to conduct cross-site scripting XSS attacks via the javascript:// protocol...

4.3CVSS5.8AI score0.01995EPSS
Exploits0References3
CVE
CVE
added 2015/01/09 6:0 p.m.67 views

CVE-2014-9272

MantisBT 1.2.0a1 through 1.2.x before 1.2.18 is affected. The vulnerability stems from string_insert_href not properly validating the URL protocol, allowing remote XSS via the javascript:// protocol. Affected component: URL handling in string_insert_href. Impact: cross-site scripting that can be ...

4.3CVSS5.2AI score0.01995EPSS
Exploits0References6Affected Software1
Tenable Nessus
Tenable Nessus
added 2015/01/08 12:0 a.m.45 views

Debian DSA-3120-1 : mantis - security update

Multiple security issues have been found in the Mantis bug tracking system, which may result in phishing, information disclosure, CAPTCHA bypass, SQL injection, cross-site scripting or the execution of arbitrary PHP code. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text a...

7.5CVSS5.3AI score0.50561EPSS
Exploits16References23
OpenVAS
OpenVAS
added 2015/01/06 12:0 a.m.65 views

Debian Security Advisory DSA 3120-1 (mantis - security update)

Multiple security issues have been found in the Mantis bug tracking system, which may result in phishing, information disclosure, CAPTCHA bypass, SQL injection, cross-site scripting or the execution of arbitrary PHP code. OpenVAS Vulnerability Test $Id: deb3120.nasl 6609 2017-07-07 12:05:59Z...

7.5CVSS0.7AI score0.50561EPSS
Exploits16References1
OpenVAS
OpenVAS
added 2014/12/21 12:0 a.m.34 views

Fedora Update for mantis FEDORA-2014-16546

Check the version of mantis SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptoid"1.3.6.1.4.1.25623.1.0.868626";...

7.5CVSS6.2AI score0.50561EPSS
Exploits22References2
OpenVAS
OpenVAS
added 2014/12/21 12:0 a.m.32 views

Fedora Update for mantis FEDORA-2014-16504

Check the version of mantis SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptoid"1.3.6.1.4.1.25623.1.0.868624";...

7.5CVSS5.9AI score0.50561EPSS
Exploits23References2
Rows per page
Query Builder