3 matches found
MantisBT 2.1.0 - 2.17.0 'View Filters' And 'Edit Filter' Pages XSS Vulnerability
MantisBT is prone to a cross-site-scripting XSS vulnerability. Copyright C 2019 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software...
CVE-2018-16514
A cross-site scripting XSS vulnerability in the View Filters page viewfilterspage.php and Edit Filter page managefiltereditpage.php in MantisBT 2.1.0 through 2.17.0 allows remote attackers to inject arbitrary code if CSP settings permit it through a crafted PATHINFO. NOTE: this vulnerability exis...
CVE-2018-16514
CVE-2018-16514 is an XSS vulnerability in MantisBT versions 2.1.0–2.17.0 affecting the View Filters (view_filters_page.php) and Edit Filter (manage_filter_edit_page.php) pages. The issue allows remote attackers to inject arbitrary code through a crafted PATH_INFO, and is noted as a consequence of...