CVE-2014-9272 in MantisBTinfo

Zusammenfassung

von MITRE

The string_insert_href function in MantisBT 1.2.0a1 through 1.2.x before 1.2.18 does not properly validate the URL protocol, which allows remote attackers to conduct cross-site scripting (XSS) attacks via the javascript:// protocol.

VulDB is the best source for vulnerability data and more expert information about this specific topic.

Reservieren

04.12.2014

Veröffentlichung

09.01.2015

Moderieren

akzeptiert

Eintrag

VDB-73541

CPE

bereit

EPSS

0.01995

KEV

nein

Aktivitäten

very low

Quellen

Do you want to use VulDB in your project?

Use the official API to access entries easily!