Lucene search
Ubuntu.comUB:CVE-2011-2938HistorySep 21, 2011 - 12:00 a.m.
CVE-2011-2938
2011-09-2100:00:00
ubuntu.com
ubuntu.com
7
CVSS2
4.3
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
EPSS
0.018
Percentile
88.1%
Multiple cross-site scripting (XSS) vulnerabilities in filter_api.php in
MantisBT before 1.2.7 allow remote attackers to inject arbitrary web script
or HTML via a parameter, as demonstrated by the project_id parameter to
search.php.
Bugs
- <https://bugs.launchpad.net/ubuntu/+source/mantis/+bug/828857>
- <http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=638321>
Notes
| Author | Note |
|---|---|
| jdstrand | per Debian, 1.1.8 not affected |
Related
openvas
openvas
FreeBSD Ports: mantis
2011-09-21 00:00:00
FreeBSD Ports: mantis
2011-09-21 00:00:00
MantisBT Cross Site Scripting and SQL Injection Vulnerabilities
2011-08-19 00:00:00
exploitdb
exploitdb
Mantis Bug Tracker 1.1.8 - Cross-Site Scripting / SQL Injection
2011-08-18 00:00:00
cve
cve
CVE-2011-2938
2011-09-21 16:55:04
prion
prion
Cross site scripting
2011-09-21 16:55:00
cvelist
cvelist
CVE-2011-2938
2011-09-21 16:00:00
nvd
nvd
CVE-2011-2938
2011-09-21 16:55:04
nessus
nessus
FreeBSD : XSS issue in MantisBT (a83f25df-d775-11e0-8bf1-003067b2972c)
2011-09-06 00:00:00
Fedora 16 : mantis-1.2.8-1.fc16 (2011-12336)
2011-10-03 00:00:00
Fedora 15 : mantis-1.2.8-1.fc15 (2011-12369)
2011-09-19 00:00:00
freebsd
freebsd
XSS issue in MantisBT
2011-08-18 00:00:00
fedora
fedora
[SECURITY] Fedora 16 Update: mantis-1.2.8-1.fc16
2011-09-30 19:13:32
[SECURITY] Fedora 15 Update: mantis-1.2.8-1.fc15
2011-09-18 00:57:23
gentoo
gentoo
MantisBT: Multiple vulnerabilities
2012-11-08 00:00:00
CVSS2
4.3
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
EPSS
0.018
Percentile
88.1%
Related for UB:CVE-2011-2938