13 matches found
EUVD-2020-23757
Malware in sbrugna...
EUVD-2017-15996
Malware in sbrugna...
EUVD-2018-8208
Malware in sbrugna...
CVE-2020-8981
A cross-site scripting XSS vulnerability was discovered in the Source Integration plugin before 1.6.2 and 2.x before 2.3.1 for MantisBT. The repodelete.php Delete Repository page allows execution of arbitrary code via a repo name if CSP settings permit it. This is related to CVE-2018-16362...
CVE-2020-36192
An issue was discovered in the Source Integration plugin before 2.4.1 for MantisBT. An attacker can gain access to the Summary field of private Issues either marked as Private, or part of a private Project, if they are attached to an existing Changeset. The information is visible on the view.php...
CVE-2020-36192
An issue was discovered in the Source Integration plugin before 2.4.1 for MantisBT. An attacker can gain access to the Summary field of private Issues either marked as Private, or part of a private Project, if they are attached to an existing Changeset. The information is visible on the view.php...
CVE-2020-36192
An issue was discovered in the Source Integration plugin before 2.4.1 for MantisBT. An attacker can gain access to the Summary field of private Issues either marked as Private, or part of a private Project, if they are attached to an existing Changeset. The information is visible on the view.php...
CVE-2020-36192
An issue was discovered in the Source Integration plugin before 2.4.1 for MantisBT. An attacker can gain access to the Summary field of private Issues either marked as Private, or part of a private Project, if they are attached to an existing Changeset. The information is visible on the view.php...
MantisBT Source Integration Plugin Cross-Site Scripting Vulnerability
MantisBT is MantisBT team of a Web-based open source defect tracking system . The system provides project management and defect tracking services in the form of Web operations . Source Integration plugin is used in which a source code control integration plugin . A cross-site scripting...
CVE-2018-16362
An issue was discovered in the Source Integration plugin before 1.5.9 and 2.x before 2.1.5 for MantisBT. A cross-site scripting XSS vulnerability in the Manage Repository and Changesets List pages allows execution of arbitrary code if CSP settings permit it via repomanagepage.php or list.php...
CVE-2018-16362
An issue was discovered in the Source Integration plugin before 1.5.9 and 2.x before 2.1.5 for MantisBT. A cross-site scripting XSS vulnerability in the Manage Repository and Changesets List pages allows execution of arbitrary code if CSP settings permit it via repomanagepage.php or list.php...
Cross site scripting
An XSS vulnerability in the MantisBT Source Integration Plugin before 2.0.2 search result page allows an attacker to inject arbitrary HTML or JavaScript if MantisBT's CSP settings permit it by crafting any valid parameter...
CVE-2017-6958
The CVE-2017-6958 entry describes an XSS vulnerability in the MantisBT Source Integration Plugin (pre-2.0.2). The flaw allows an attacker to inject arbitrary HTML/JavaScript via crafted parameters on the plugin’s search results page, potentially exploiting CSP allowances in MantisBT. Affected com...