Lucene search
MitreCVE-2005-3091HistorySep 28, 2005 - 10:03 p.m.
CVE-2005-3091
2005-09-2822:03:00
mitre
web.nvd.nist.gov
35
cve-2005-3091
cross-site scripting
xss vulnerability
mantis
1.0.0rc1
remote attackers
web script
html
CVSS2
4.3
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
AI Score
5.4
Confidence
High
EPSS
0.004
Percentile
75.0%
Cross-site scripting (XSS) vulnerability in Mantis before 1.0.0rc1 allows remote attackers to inject arbitrary web script or HTML via unknown attack vectors, as identified by bug#0005751 “thraxisp”.
Affected configurations
Node
mantismantisMatch0.9.0
ORmantismantisMatch0.9.1
ORmantismantisMatch0.10.0
ORmantismantisMatch0.10.1
ORmantismantisMatch0.10.2
ORmantismantisMatch0.11.0
ORmantismantisMatch0.11.1
ORmantismantisMatch0.12.0
ORmantismantisMatch0.13.0
ORmantismantisMatch0.13.1
ORmantismantisMatch0.14.0
ORmantismantisMatch0.14.1
ORmantismantisMatch0.14.2
ORmantismantisMatch0.14.3
ORmantismantisMatch0.14.4
ORmantismantisMatch0.14.5
ORmantismantisMatch0.14.6
ORmantismantisMatch0.14.7
ORmantismantisMatch0.14.8
ORmantismantisMatch0.15.0
ORmantismantisMatch0.15.1
ORmantismantisMatch0.15.2
ORmantismantisMatch0.15.3
ORmantismantisMatch0.15.4
ORmantismantisMatch0.15.5
ORmantismantisMatch0.15.6
ORmantismantisMatch0.15.7
ORmantismantisMatch0.15.8
ORmantismantisMatch0.15.9
ORmantismantisMatch0.15.10
ORmantismantisMatch0.15.11
ORmantismantisMatch0.15.12
ORmantismantisMatch0.16.0
ORmantismantisMatch0.16.1
ORmantismantisMatch0.17.0
ORmantismantisMatch0.17.1
ORmantismantisMatch0.17.2
ORmantismantisMatch0.17.3
ORmantismantisMatch0.17.4
ORmantismantisMatch0.17.4a
ORmantismantisMatch0.17.5
ORmantismantisMatch0.18.0
ORmantismantisMatch0.18.0_rc1
ORmantismantisMatch0.18.0a1
ORmantismantisMatch0.18.0a2
ORmantismantisMatch0.18.0a3
ORmantismantisMatch0.18.0a4
ORmantismantisMatch0.18.1
ORmantismantisMatch0.18.2
ORmantismantisMatch0.18.3
ORmantismantisMatch0.19.0
ORmantismantisMatch0.19.0_rc1
ORmantismantisMatch0.19.0a1
ORmantismantisMatch0.19.0a2
ORmantismantisMatch0.19.1
ORmantismantisMatch0.19.2
ORmantismantisMatch1.0.0a1
ORmantismantisMatch1.0.0a2
ORmantismantisMatch1.0.0a3
| Vendor | Product | Version | CPE |
|---|---|---|---|
| mantis | mantis | 0.9.0 | cpe:2.3:a:mantis:mantis:0.9.0:*:*:*:*:*:*:* |
| mantis | mantis | 0.9.1 | cpe:2.3:a:mantis:mantis:0.9.1:*:*:*:*:*:*:* |
| mantis | mantis | 0.10.0 | cpe:2.3:a:mantis:mantis:0.10.0:*:*:*:*:*:*:* |
| mantis | mantis | 0.10.1 | cpe:2.3:a:mantis:mantis:0.10.1:*:*:*:*:*:*:* |
| mantis | mantis | 0.10.2 | cpe:2.3:a:mantis:mantis:0.10.2:*:*:*:*:*:*:* |
| mantis | mantis | 0.11.0 | cpe:2.3:a:mantis:mantis:0.11.0:*:*:*:*:*:*:* |
| mantis | mantis | 0.11.1 | cpe:2.3:a:mantis:mantis:0.11.1:*:*:*:*:*:*:* |
| mantis | mantis | 0.12.0 | cpe:2.3:a:mantis:mantis:0.12.0:*:*:*:*:*:*:* |
| mantis | mantis | 0.13.0 | cpe:2.3:a:mantis:mantis:0.13.0:*:*:*:*:*:*:* |
| mantis | mantis | 0.13.1 | cpe:2.3:a:mantis:mantis:0.13.1:*:*:*:*:*:*:* |
Related
ubuntucve
ubuntucve
CVE-2005-3091
2005-09-28 00:00:00
cvelist
cvelist
CVE-2005-3091
2005-09-28 04:00:00
nvd
nvd
CVE-2005-3091
2005-09-28 22:03:00
osv
osv
mantis - several
2005-11-22 00:00:00
openvas
openvas
Mantis Multiple Flaws (4)
2006-03-26 00:00:00
MantisBT < 1.0.0rc2 Multiple Vulnerabilities
2006-03-26 00:00:00
Debian: Security Advisory (DSA-905-1)
2008-01-17 00:00:00
nessus
nessus
Mantis < 1.0.0rc2 Multiple Vulnerabilities
2005-08-22 00:00:00
Debian DSA-778-1 : mantis - missing input sanitising
2005-08-23 00:00:00
Mantis < 0.19.3 Multiple Vulnerabilities
2005-10-27 00:00:00
debian
debian
[SECURITY] [DSA 905-1] New mantis packages fix several vulnerabilities
2005-11-22 05:51:33
[SECURITY] [DSA 905-1] New mantis packages fix several vulnerabilities
2005-11-22 05:51:33
CVSS2
4.3
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
AI Score
5.4
Confidence
High
EPSS
0.004
Percentile
75.0%
Related for CVE-2005-3091