4 matches found
EUVD-2017-3647
Malware in sbrugna...
EUVD-2022-36947
Malicious code in bioql PyPI...
GHSA-V7QF-22RW-CHPH MantisBT XSS via adm_config_report.php's action parameter
A cross-site scripting XSS vulnerability in the MantisBT Configuration Report page admconfigreport.php allows remote attackers to inject arbitrary code through a crafted 'action' parameter. This is fixed in 1.3.8, 2.1.2, and 2.2.2...
MantisBT allows XSS via Edit Filter page
A cross-site scripting XSS vulnerability in the Edit Filter page managefilteredit page.php in MantisBT 2.1.0 through 2.17.1 allows remote attackers if access rights permit it to inject arbitrary code if CSP settings permit it through a crafted project name...