5 matches found
Mantis Bug Tracker (MantisBT) vulnerable to cross-site scripting
Improper escaping of a custom field's name allows an attacker to inject HTML and, if CSP settings permit, achieve execution of arbitrary JavaScript when: - resolving or closing issues bugchangestatuspage.php belonging to a project linking said custom field - viewing issues viewallbugpage.php when...
GHSA-WGX7-JP56-65MQ Mantis Bug Tracker (MantisBT) vulnerable to cross-site scripting
Improper escaping of a custom field's name allows an attacker to inject HTML and, if CSP settings permit, achieve execution of arbitrary JavaScript when: - resolving or closing issues bugchangestatuspage.php belonging to a project linking said custom field - viewing issues viewallbugpage.php when...
FreeBSD : mantis -- multiple vulnerabilities (19259833-26b1-11eb-a239-1c697a013f4b)
Mantis 2.24.3 release reports : This release fixes 3 security issues : - 0027039: CVE-2020-25781: Access to private bug note attachments - 0027275: CVE-2020-25288: HTML Injection on bugupdatepage.php - 0027304: CVE-2020-25830: HTML Injection in bugactiongrouppage.php C Tenable Network Security,...
CVE-2020-25830
CVE-2020-25830 affects MantisBT before 2.24.3. The root cause is improper escaping of a custom field name, permitting HTML injection and, if CSP allows, arbitrary JavaScript execution when updating that custom field via bug_actiongroup_page.php. Evidence in multiple sources ties this to an XSS ri...
mantis -- multiple vulnerabilities
Mantis 2.24.3 release reports: This release fixes 3 security issues: 0027039: CVE-2020-25781: Access to private bug note attachments 0027275: CVE-2020-25288: HTML Injection on bugupdatepage.php 0027304: CVE-2020-25830: HTML Injection in bugactiongrouppage.php...