Lucene search
DebianCVE-2005-2557HistorySep 28, 2005 - 9:03 p.m.
CVE-2005-2557
2005-09-2821:03:00
debian
web.nvd.nist.gov
38
cve-2005-2557
xss vulnerability
mantis
remote attackers
web script
html
security
vulnerability
CVSS2
4.3
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
AI Score
5.4
Confidence
High
EPSS
0.005
Percentile
76.9%
Cross-site scripting (XSS) vulnerability in view_all_set.php in Mantis 0.19.0a1 through 1.0.0a3 allows remote attackers to inject arbitrary web script or HTML via the dir parameter, as identified by bug#0005959, and a different vulnerability than CVE-2005-3090.
Affected configurations
Node
mantismantisMatch0.19.0
ORmantismantisMatch0.19.0_rc1
ORmantismantisMatch0.19.0a1
ORmantismantisMatch0.19.0a2
ORmantismantisMatch0.19.1
ORmantismantisMatch0.19.2
ORmantismantisMatch1.0.0a1
ORmantismantisMatch1.0.0a2
ORmantismantisMatch1.0.0a3
Node
debiandebian_linuxMatch3.1
ORdebiandebian_linuxMatch3.1alpha
ORdebiandebian_linuxMatch3.1amd64
ORdebiandebian_linuxMatch3.1arm
ORdebiandebian_linuxMatch3.1hppa
ORdebiandebian_linuxMatch3.1ia-32
ORdebiandebian_linuxMatch3.1ia-64
ORdebiandebian_linuxMatch3.1m68k
ORdebiandebian_linuxMatch3.1mips
ORdebiandebian_linuxMatch3.1mipsel
ORdebiandebian_linuxMatch3.1ppc
ORdebiandebian_linuxMatch3.1s-390
ORdebiandebian_linuxMatch3.1sparc
ORgentoolinux
| Vendor | Product | Version | CPE |
|---|---|---|---|
| mantis | mantis | 0.19.0 | cpe:2.3:a:mantis:mantis:0.19.0:*:*:*:*:*:*:* |
| mantis | mantis | 0.19.0_rc1 | cpe:2.3:a:mantis:mantis:0.19.0_rc1:*:*:*:*:*:*:* |
| mantis | mantis | 0.19.0a1 | cpe:2.3:a:mantis:mantis:0.19.0a1:*:*:*:*:*:*:* |
| mantis | mantis | 0.19.0a2 | cpe:2.3:a:mantis:mantis:0.19.0a2:*:*:*:*:*:*:* |
| mantis | mantis | 0.19.1 | cpe:2.3:a:mantis:mantis:0.19.1:*:*:*:*:*:*:* |
| mantis | mantis | 0.19.2 | cpe:2.3:a:mantis:mantis:0.19.2:*:*:*:*:*:*:* |
| mantis | mantis | 1.0.0a1 | cpe:2.3:a:mantis:mantis:1.0.0a1:*:*:*:*:*:*:* |
| mantis | mantis | 1.0.0a2 | cpe:2.3:a:mantis:mantis:1.0.0a2:*:*:*:*:*:*:* |
| mantis | mantis | 1.0.0a3 | cpe:2.3:a:mantis:mantis:1.0.0a3:*:*:*:*:*:*:* |
| debian | debian_linux | 3.1 | cpe:2.3:o:debian:debian_linux:3.1:*:*:*:*:*:*:* |
Related
ubuntucve
ubuntucve
CVE-2005-2557
2005-09-28 00:00:00
CVE-2005-3090
2005-09-28 00:00:00
cvelist
cvelist
CVE-2005-2557
2005-09-28 04:00:00
CVE-2005-3090
2005-09-28 04:00:00
nvd
nvd
CVE-2005-2557
2005-09-28 21:03:00
CVE-2005-3090
2005-09-28 22:03:00
cve
cve
CVE-2005-3090
2005-09-28 22:03:00
openvas
openvas
Debian: Security Advisory (DSA-778-1)
2008-01-17 00:00:00
MantisBT < 1.0.0rc2 Multiple Vulnerabilities
2006-03-26 00:00:00
Mantis Multiple Flaws (4)
2006-03-26 00:00:00
exploitdb
exploitdb
Mantis Bug Tracker 0.x/1.0 - Multiple Input Validation Vulnerabilities
2005-08-19 00:00:00
osv
osv
mantis - missing input sanitising
2005-08-19 00:00:00
nessus
nessus
Mantis < 1.0.0rc2 Multiple Vulnerabilities
2005-08-22 00:00:00
GLSA-200509-16 : Mantis: XSS and SQL injection vulnerabilities
2005-10-05 00:00:00
Debian DSA-778-1 : mantis - missing input sanitising
2005-08-23 00:00:00
debian
debian
[SECURITY] [DSA 778-1] New mantis packages fix several vulnerabilities
2005-08-19 13:59:56
[SECURITY] [DSA 778-1] New mantis packages fix several vulnerabilities
2005-08-19 13:59:56
securityvulns
securityvulns
[SECURITY] [DSA 778-1] New mantis packages fix several vulnerabilities
2005-08-19 00:00:00
gentoo
gentoo
Mantis: XSS and SQL injection vulnerabilities
2005-09-24 00:00:00
CVSS2
4.3
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
AI Score
5.4
Confidence
High
EPSS
0.005
Percentile
76.9%
Related for CVE-2005-2557