5 matches found
CVE-2018-13055
A cross-site scripting XSS vulnerability in the View Filters page viewfilterspage.php in MantisBT 2.1.0 through 2.15.0 allows remote attackers to inject arbitrary code if CSP settings permit it through a crafted PATHINFO...
CVE-2018-16514
A cross-site scripting XSS vulnerability in the View Filters page viewfilterspage.php and Edit Filter page managefiltereditpage.php in MantisBT 2.1.0 through 2.17.0 allows remote attackers to inject arbitrary code if CSP settings permit it through a crafted PATHINFO. NOTE: this vulnerability exis...
Cross site scripting
A cross-site scripting XSS vulnerability in the View Filters page viewfilterspage.php and Edit Filter page managefiltereditpage.php in MantisBT 2.1.0 through 2.17.0 allows remote attackers to inject arbitrary code if CSP settings permit it through a crafted PATHINFO. NOTE: this vulnerability exis...
Mantis 2.11.1 Cross Site Scripting
Reflected Cross-site Scripting in Mantis 2.11.1 Information -------------------- Advisory by Netsparker Name: Reflected Cross-site Scripting in Mantis 2.11.1 Affected Software: Mantis Affected Versions: 2.11.1 Homepage: https://www.mantisbt.org/ Vulnerability: Cross-site Scripting Severity: Mediu...
CVE-2018-13055
CVE-2018-13055 family (MantisBT) : The cross‑site scripting flaw affects MantisBT 2.1.0–2.15.0 (and related advisories) via PATH_INFO on the View Filters page (view_filters_page.php) and related Edit Filter paths, caused by an incomplete fix for this issue. Connected entries reiterate the same XS...