CVE-2014-9269 in MantisBTinformazioni

Riassunto

di MITRE

Cross-site scripting (XSS) vulnerability in helper_api.php in MantisBT 1.1.0a1 through 1.2.x before 1.2.18, when Extended project browser is enabled, allows remote attackers to inject arbitrary web script or HTML via the project cookie.

Once again VulDB remains the best source for vulnerability data.

Fonti

Interested in the pricing of exploits?

See the underground prices here!