Lucene search
K

4 matches found

RedhatCVE
RedhatCVE
added 2025/05/22 4:35 a.m.8 views

CVE-2019-15539

The projdoceditpage.php Project Documentation feature in MantisBT before 2.21.3 has a stored cross-site scripting XSS vulnerability, allowing execution of arbitrary code if CSP settings permit it after uploading an attachment with a crafted filename. The code is executed when editing the document...

6.1CVSS6.1AI score0.01136EPSS
Exploits0References1
OpenVAS
OpenVAS
added 2020/03/20 12:0 a.m.23 views

MantisBT < 2.21.3 XSS Vulnerability - Windows

MantisBT is prone to a cross-site scripting vulnerability. Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; yo...

6.1CVSS6.1AI score0.01136EPSS
Exploits0References1
CVE
CVE
added 2020/03/19 6:20 p.m.66 views

CVE-2019-15539

The CVE-2019-15539 entry concerns MantisBT before version 2.21.3, affecting the proj_doc_edit_page.php Project Documentation feature. The vulnerability is a stored XSS flaw triggered when uploading an attachment with a crafted filename; the injected script is executed when editing the document pa...

6.1CVSS6.1AI score0.01136EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2020/03/19 6:20 p.m.31 views

CVE-2019-15539

The projdoceditpage.php Project Documentation feature in MantisBT before 2.21.3 has a stored cross-site scripting XSS vulnerability, allowing execution of arbitrary code if CSP settings permit it after uploading an attachment with a crafted filename. The code is executed when editing the document...

6.2AI score0.01136EPSS
Exploits0References2
Rows per page
Query Builder