Cross-site scripting (XSS) vulnerability in Mantis bugtracker allows remote malicious users to inject arbitrary web script or HTML via (1) the return parameter to login_page.php, (2) e-mail field in signup.php, (3) action parameter to login_select_proj_page.php, or (4) hide_status parameter to view_all_set.php.
| Vulnerable Product | Search on Vulmon | Subscribe to Product |
|---|---|---|
mantis mantis 0.13 |
||
mantis mantis 0.13.1 |
||
mantis mantis 0.14.6 |
||
mantis mantis 0.14.7 |
||
mantis mantis 0.15.3 |
||
mantis mantis 0.15.4 |
||
mantis mantis 0.16.0 |
||
mantis mantis 0.16.1 |
||
mantis mantis 0.17.4a |
||
mantis mantis 0.17.5 |
||
mantis mantis 0.9 |
||
mantis mantis 0.9.1 |
||
mantis mantis 0.11.1 |
||
mantis mantis 0.12 |
||
mantis mantis 0.14.4 |
||
mantis mantis 0.14.5 |
||
mantis mantis 0.15.12 |
||
mantis mantis 0.15.2 |
||
mantis mantis 0.15.9 |
||
mantis mantis 0.16 |
||
mantis mantis 0.17.3 |
||
mantis mantis 0.17.4 |
||
mantis mantis 0.18a1 |
||
mantis mantis 0.19.0a |
||
mantis mantis 0.10.2 |
||
mantis mantis 0.11 |
||
mantis mantis 0.14.2 |
||
mantis mantis 0.14.3 |
||
mantis mantis 0.15.1 |
||
mantis mantis 0.15.10 |
||
mantis mantis 0.15.11 |
||
mantis mantis 0.15.7 |
||
mantis mantis 0.15.8 |
||
mantis mantis 0.17.1 |
||
mantis mantis 0.17.2 |
||
mantis mantis 0.18.0a2 |
||
mantis mantis 0.18.0a3 |
||
mantis mantis 0.18.0a4 |
||
mantis mantis 0.10 |
||
mantis mantis 0.10.1 |
||
mantis mantis 0.14 |
||
mantis mantis 0.14.1 |
||
mantis mantis 0.14.8 |
||
mantis mantis 0.15 |
||
mantis mantis 0.15.5 |
||
mantis mantis 0.15.6 |
||
mantis mantis 0.17 |
||
mantis mantis 0.17.0 |
||
mantis mantis 0.18 |
||
mantis mantis 0.18.0_rc1 |
Vulmon