Lucene search
+L

5 matches found

EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2019-6154

Malware in sbrugna...

9.6CVSS9.2AI score0.02067EPSS
Exploits1References4
Snyk
Snyk
added 2022/05/24 4:54 p.m.1 views

Cross-site Scripting (XSS)

Overview mantisbt/mantisbt is a mantis bug tracker. Affected versions of this package are vulnerable to Cross-site Scripting XSS via crafted filenames in the myviewpage.php Timeline feature. An attacker can execute arbitrary code visible to any user viewing the My View Page by uploading an...

9.6CVSS5.5AI score0.02067EPSS
Exploits1References2
Github Security Blog
Github Security Blog
added 2022/05/24 4:54 p.m.12 views

MantisBT allows cross-site scripting (XSS) via crafted filename

The Timeline feature in myviewpage.php in MantisBT through 2.21.1 has a stored cross-site scripting XSS vulnerability, allowing execution of arbitrary code if CSP settings permit it after uploading an attachment with a crafted filename. The code is executed for any user having visibility to the...

9.6CVSS6.2AI score0.02067EPSS
Exploits1References4Affected Software1
OSV
OSV
added 2022/05/24 4:54 p.m.5 views

GHSA-GG4J-279J-22PH MantisBT allows cross-site scripting (XSS) via crafted filename

The Timeline feature in myviewpage.php in MantisBT through 2.21.1 has a stored cross-site scripting XSS vulnerability, allowing execution of arbitrary code if CSP settings permit it after uploading an attachment with a crafted filename. The code is executed for any user having visibility to the...

5.3CVSS8.8AI score0.02067EPSS
Exploits1References4
OSV
OSV
added 2022/05/17 2:31 a.m.6 views

GHSA-8R2M-QHFF-JM2C MantisBT XSS via my_view_page.php and view_user_page.php

A cross-site scripting XSS vulnerability in the MantisBT 2.3.x before 2.3.2 Timeline include page, used in My View myviewpage.php and User Information viewuserpage.php pages, allows remote attackers to inject arbitrary code if CSP settings permit it through crafted PATHINFO in a URL, due to use o...

6.1CVSS6.2AI score0.01754EPSS
Exploits1References5
Rows per page
Query Builder