CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

6 matches found

NVD•added 2017/01/10 3:59 p.m.•17 views

CVE-2016-6837

Cross-site scripting XSS vulnerability in MantisBT Filter API in MantisBT versions before 1.2.19, and versions 2.0.0-beta1, 1.3.0-beta1 allows remote attackers to inject arbitrary web script or HTML via the 'viewtype' parameter...

6.1CVSS6AI score0.03691EPSS

Exploits0References4

UbuntuCve•added 2017/01/10 3:59 p.m.•11 views

CVE-2016-6837

6.1CVSS6.4AI score0.03691EPSS

Exploits0References2

OSV•added 2017/01/10 3:59 p.m.•14 views

CVE-2016-6837

6.1CVSS5.8AI score

Exploits0References4

Cvelist•added 2017/01/10 3:0 p.m.•19 views

CVE-2016-6837

6AI score0.03691EPSS

Exploits0References4

CVE•added 2017/01/10 3:0 p.m.•48 views

CVE-2016-6837

MantisBT is vulnerable to XSS in the Filter API via the view_type parameter. Affected software includes MantisBT versions before 1.2.19 and versions 2.0.0-beta1, 1.3.0-beta1. The root cause is insufficient input handling of view_type leading to remote script/HTML injection. The provided documents...

6.1CVSS5.9AI score0.03691EPSS

Exploits0References4Affected Software1

Check Point Advisories•added 2016/09/18 12:0 a.m.•12 views

Mantis Bug Tracker Filter API view_type Cross Site Scripting (CVE-2016-6837)

A cross-site scripting vulnerability exists in the Filter API component of Mantis Bug Tracker. The vulnerability is due to insufficient input validation on the viewtype parameter in viewallbugpage.php. A remote attacker could exploit this vulnerability by enticing authenticated users to click on ...

4.3CVSS5.7AI score0.03691EPSS

Exploits0

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by