3 matches found
CVE-2015-2144
Issuetracker phpBugTracker is affected by multiple XSS vulnerabilities in versions before 1.7.0. Remote authenticated users can inject arbitrary script/HTML via several fields: project name (project.php), use_js (user.php and group.php), Description (status.php, severity.php), Regex (os.php), and...
CVE-2015-2145
Issuetracker phpBugTracker contains multiple XSS flaws in versions prior to 1.7.0. The vulnerabilities allow remote attackers to inject arbitrary web script or HTML through unspecified parameters, potentially affecting any pages that render user-supplied input. The root cause is improper sanitiza...
CVE-2015-2148
The CVE-2015-2148 entry is supported by connected records showing a concrete vulnerability in Issuetracker phpBugTracker: XSS vulnerabilities present in versions before 1.7.2, allowing remote attackers to inject arbitrary web script or HTML via unspecified parameters. The affected software is Iss...