CVSS: 4.8EPSS: 0%CPEs: 35EXPL: 1CVE-2017-7241
https://notcve.org/view.php?id=CVE-2017-7241
31 Mar 2017 — A cross-site scripting (XSS) vulnerability in the MantisBT Move Attachments page (move_attachments_page.php, part of admin tools) allows remote attackers to inject arbitrary code through a crafted 'type' parameter, if Content Security Protection (CSP) settings allows it. This is fixed in 1.3.9, 2.1.3, and 2.2.3. Note that this vulnerability is not exploitable if the admin tools directory is removed, as recommended in the "Post-installation and upgrade tasks" of the MantisBT Admin Guide. A reminder to do so ... • http://openwall.com/lists/oss-security/2017/03/30/4 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 4.8EPSS: 2%CPEs: 24EXPL: 1CVE-2017-7309
https://notcve.org/view.php?id=CVE-2017-7309
31 Mar 2017 — A cross-site scripting (XSS) vulnerability in the MantisBT Configuration Report page (adm_config_report.php) allows remote attackers to inject arbitrary code (if CSP settings permit it) through a crafted 'config_option' parameter. This is fixed in 1.3.9, 2.1.3, and 2.2.3. Una vulnerabilidad XSS en la página informe de configuración de MantisBT (adm_config_report.php) permite a atacantes remotos inyectar código arbitrario (si la configuración de CSP lo permite) mediante un parámetro 'config_option' manipulad... • http://openwall.com/lists/oss-security/2017/03/30/4 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 0CVE-2017-7222
https://notcve.org/view.php?id=CVE-2017-7222
22 Mar 2017 — A cross-site scripting (XSS) vulnerability in MantisBT before 2.1.1 allows remote attackers to inject arbitrary HTML or JavaScript (if MantisBT's CSP settings permit it) by modifying 'window_title' in the application configuration. This requires privileged access to MantisBT configuration management pages (i.e., administrator access rights) or altering the system configuration file (config_inc.php). Vulnerabilidad de XSS en MantisBT en versiones anteriores a 2.1.1 permite a atacantes remotos inyectar código... • http://github.com/mantisbt/mantisbt/commit/a85b0b96c8ebe3e010d0d016cf88ab3c8bfc196a • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 2CVE-2017-6799
https://notcve.org/view.php?id=CVE-2017-6799
10 Mar 2017 — A cross-site scripting (XSS) vulnerability in view_filters_page.php in MantisBT before 2.2.1 allows remote attackers to inject arbitrary JavaScript via the 'view_type' parameter. Una vulnerabilidad de XSS en view_filters_page.php en MantisBT en versiones anteriores a 2.2.1 permite a atacantes remotos inyectar código JavaScript arbitrario a través del parámetro 'view_type'. • http://mantisbt.org/bugs/view.php?id=22497 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 6.1EPSS: 0%CPEs: 2EXPL: 2CVE-2017-6797
https://notcve.org/view.php?id=CVE-2017-6797
10 Mar 2017 — A cross-site scripting (XSS) vulnerability in bug_change_status_page.php in MantisBT before 1.3.7 and 2.x before 2.2.1 allows remote attackers to inject arbitrary JavaScript via the 'action_type' parameter. Una vulnerabilidad de XSS en bug_change_status_page.php en MantisBT en versiones anteriores a 1.3.7 y 2.x en versiones anteriores a 2.2.1 permite a atacantes remotos inyectar JavaScript arbitrario a través del parámetro 'action_type'. • http://www.mantisbt.org/bugs/view.php?id=22486 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 1CVE-2016-5364
https://notcve.org/view.php?id=CVE-2016-5364
17 Feb 2017 — Cross-site scripting (XSS) vulnerability in manage_custom_field_edit_page.php in MantisBT 1.2.19 and earlier allows remote attackers to inject arbitrary web script or HTML via the return parameter. Vulnerabilidad de XSS en manage_custom_field_edit_page.php en MantisBT 1.2.19 y versiones anteriores permite a atacantes remotos inyectar secuencias de comandos web o HTML arbitrarios a través del parámetro return. • http://www.openwall.com/lists/oss-security/2016/06/11/5 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 4.7EPSS: 0%CPEs: 2EXPL: 0CVE-2016-7111
https://notcve.org/view.php?id=CVE-2016-7111
17 Feb 2017 — MantisBT before 1.3.1 and 2.x before 2.0.0-beta.2 uses a weak Content Security Policy when using the Gravatar plugin, which allows remote attackers to conduct cross-site scripting (XSS) attacks via unspecified vectors. MantisBT en versiones anteriores a 1.3.1 y 2.x en versiones anteriores a 2.0.0-beta.2 utiliza una política de seguridad de contenido débil cuando se utiliza el plugin Gravatar, que permite a atacantes remotos realizar ataques de secuencias de comandos de sitios cruzados (XSS) a través de vect... • http://www.openwall.com/lists/oss-security/2016/08/28/1 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 6.1EPSS: 0%CPEs: 3EXPL: 0CVE-2016-6837
https://notcve.org/view.php?id=CVE-2016-6837
10 Jan 2017 — Cross-site scripting (XSS) vulnerability in MantisBT Filter API in MantisBT versions before 1.2.19, and versions 2.0.0-beta1, 1.3.0-beta1 allows remote attackers to inject arbitrary web script or HTML via the 'view_type' parameter. Vulnerabilidad de XSS en MantisBT Filter API en MantisBT en versiones anteriores a 1.2.19 y versiones 2.0.0-beta1, 1.3.0-beta1 permite a atacantes remotos inyectar secuencias de comandos web o HTML arbitrarios a través del parámetro 'view_type'. • http://www.securityfocus.com/bid/92522 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 5.3EPSS: 0%CPEs: 1EXPL: 0CVE-2014-9759
https://notcve.org/view.php?id=CVE-2014-9759
11 Apr 2016 — Incomplete blacklist vulnerability in the config_is_private function in config_api.php in MantisBT 1.3.x before 1.3.0 allows remote attackers to obtain sensitive master salt configuration information via a SOAP API request. Vulnerabilidad de lista negra incompleta en la función config_is_private en config_api.php en MantisBT 1.3.x en versiones anteriores a 1.3.0 permite a atacantes remotos obtener información sensible de la configuración de la salt maestra a través de una petición API SOAP. • http://sourceforge.net/p/mantisbt/mailman/message/32948048 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 6.1EPSS: 0%CPEs: 21EXPL: 3CVE-2015-1042 – Mantis BugTracker 1.2.19 Open Redirect
https://notcve.org/view.php?id=CVE-2015-1042
28 Jan 2015 — The string_sanitize_url function in core/string_api.php in MantisBT 1.2.0a3 through 1.2.18 uses an incorrect regular expression, which allows remote attackers to conduct open redirect and phishing attacks via a URL with a ":/" (colon slash) separator in the return parameter to login_page.php, a different vulnerability than CVE-2014-6316. La función string_sanitize_url en core/string_api.php en MantisBT 1.2.0a3 hasta 1.2.18 utiliza una expresión regular incorrecta, lo que permite a atacantes remotos realizar... • https://packetstorm.news/files/id/130142 •