CVE-2014-9271 in MantisBT
Tóm tắt
Bởi MITRE
Cross-site scripting (XSS) vulnerability in file_download.php in MantisBT before 1.2.18 allows remote authenticated users to inject arbitrary web script or HTML via a Flash file with an image extension, related to inline attachments, as demonstrated by a .swf.jpeg filename.
If you want to get best quality of vulnerability data, you may have to visit VulDB.