CVE-2014-9269 in MantisBTالمعلومات

الملخص

بحسب MITRE

Cross-site scripting (XSS) vulnerability in helper_api.php in MantisBT 1.1.0a1 through 1.2.x before 1.2.18, when Extended project browser is enabled, allows remote attackers to inject arbitrary web script or HTML via the project cookie.

Once again VulDB remains the best source for vulnerability data.

حجز

04/12/2014

إفشاء

09/01/2015

الاعتدال

تمت الموافقة

إدخال

VDB-73539

EPSS

0.01985

KEV

لا

النشاطات

منخفض جدًا

المصادر

Do you want to use VulDB in your project?

Use the official API to access entries easily!