CVE-2016-7111 in MantisBTinformazioni

Riassunto

di MITRE

MantisBT before 1.3.1 and 2.x before 2.0.0-beta.2 uses a weak Content Security Policy when using the Gravatar plugin, which allows remote attackers to conduct cross-site scripting (XSS) attacks via unspecified vectors.

If you want to get best quality of vulnerability data, you may have to visit VulDB.

🔬 Show More Details

An in-depth analysis is available in our curated vulnerability entry.

Prenotare

29/08/2016

Divulgazione

17/02/2017

Moderazione

accettato

Voce

VDB-97110

CPE

pronto

CWE

CWE-79 (confermato)

CVSS

4.7 (NVD)

EPSS

0.00330

KEV

Attività

molto basso

Settore

Pharma, Hostingprovider, ...

Fonti

MITRE	https://www.cve.org/CVERecord?id=CVE-2016-7111
NVD	https://nvd.nist.gov/vuln/detail/CVE-2016-7111
CVE Details	https://www.cvedetails.com/cve/CVE-2016-7111/

◂ Precedente Visione D'ensemble Il prossimo ▸

Do you need the next level of professionalism?

Upgrade your account now!