Cross-site scripting (XSS) vulnerability in view_all_set.php in Mantis 0.19.0a1 up to and including 1.0.0a3 allows remote malicious users to inject arbitrary web script or HTML via the dir parameter, as identified by bug#0005959, and a different vulnerability than CVE-2005-3090.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
mantis mantis 0.19.0 |
||
mantis mantis 1.0.0a2 |
||
mantis mantis 1.0.0a3 |
||
mantis mantis 0.19.0a2 |
||
mantis mantis 0.19.1 |
||
mantis mantis 0.19.2 |
||
mantis mantis 1.0.0a1 |
||
mantis mantis 0.19.0_rc1 |
||
mantis mantis 0.19.0a1 |
||
debian debian linux 3.1 |
||
gentoo linux |