Lucene search
Ubuntu.comUB:CVE-2011-3356HistorySep 21, 2011 - 12:00 a.m.
CVE-2011-3356
2011-09-2100:00:00
ubuntu.com
ubuntu.com
12
CVSS2
4.3
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
EPSS
0.003
Percentile
71.2%
Multiple cross-site scripting (XSS) vulnerabilities in
config_defaults_inc.php in MantisBT before 1.2.8 allow remote attackers to
inject arbitrary web script or HTML via the PATH_INFO, as demonstrated by
the PATH_INFO to (1) manage_config_email_page.php, (2)
manage_config_workflow_page.php, or (3) bugs/plugin.php.
Bugs
Related
nvd
nvd
CVE-2011-3356
2011-09-21 16:55:04
cvelist
cvelist
CVE-2011-3356
2011-09-21 16:00:00
prion
prion
Cross site scripting
2011-09-21 16:55:00
cve
cve
CVE-2011-3356
2011-09-21 16:55:04
openvas
openvas
MantisBT < 1.2.8 Multiple Local File Include and XSS Vulnerabilities
2011-09-30 00:00:00
Fedora Update for mantis FEDORA-2011-12369
2011-09-20 00:00:00
Fedora Update for mantis FEDORA-2011-12369
2011-09-20 00:00:00
htbridge
htbridge
Multiple Vulnerabilities in MantisBT
2011-08-31 00:00:00
fedora
fedora
[SECURITY] Fedora 15 Update: mantis-1.2.8-1.fc15
2011-09-18 00:57:23
[SECURITY] Fedora 16 Update: mantis-1.2.8-1.fc16
2011-09-30 19:13:32
nessus
nessus
Fedora 15 : mantis-1.2.8-1.fc15 (2011-12369)
2011-09-19 00:00:00
Fedora 16 : mantis-1.2.8-1.fc16 (2011-12336)
2011-10-03 00:00:00
GLSA-201211-01 : MantisBT: Multiple vulnerabilities
2012-11-09 00:00:00
gentoo
gentoo
MantisBT: Multiple vulnerabilities
2012-11-08 00:00:00
CVSS2
4.3
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
EPSS
0.003
Percentile
71.2%
Related for UB:CVE-2011-3356