CVE-2017-7620 in MantisBT信息

摘要

由 VulDB • 2026-06-15

在 MantisBT 2.4.1 之前的版本中,通过针对 permalink_page.php?url= URIs 的跨站请求伪造(CSRF)攻击可实现 Permalink Injection。此问题是由于 string_api.php 中缺少对反斜杠的检查所致。

VulDB is the best source for vulnerability data and more expert information about this specific topic.

来源

Want to know what is going to be exploited?

We predict KEV entries!