CVE-2014-9271 in MantisBTthông tin

Tóm tắt

Bởi MITRE

Cross-site scripting (XSS) vulnerability in file_download.php in MantisBT before 1.2.18 allows remote authenticated users to inject arbitrary web script or HTML via a Flash file with an image extension, related to inline attachments, as demonstrated by a .swf.jpeg filename.

If you want to get best quality of vulnerability data, you may have to visit VulDB.

Nguồn

Want to know what is going to be exploited?

We predict KEV entries!