Vulnerabilities > Mantisbt

DATE	CVE	VULNERABILITY TITLE	RISK
2019-10-31	CVE-2013-1931	Cross-site Scripting vulnerability in multiple products A cross-site scripting (XSS) vulnerability in MantisBT 1.2.14 allows remote attackers to inject arbitrary web script or HTML via a version, related to deleting a version. network low complexity mantisbt fedoraproject CWE-79	6.1
2019-10-31	CVE-2013-1930	Improper Input Validation vulnerability in multiple products MantisBT 1.2.12 before 1.2.15 allows authenticated users to by the workflow restriction and close issues. network low complexity mantisbt fedoraproject CWE-20	4.3
2019-10-09	CVE-2019-15715	OS Command Injection vulnerability in Mantisbt MantisBT before 1.3.20 and 2.22.1 allows Post Authentication Command Injection, leading to Remote Code Execution. network low complexity mantisbt CWE-78	7.2
2019-08-21	CVE-2019-15074	Cross-site Scripting vulnerability in Mantisbt The Timeline feature in my_view_page.php in MantisBT through 2.21.1 has a stored cross-site scripting (XSS) vulnerability, allowing execution of arbitrary code (if CSP settings permit it) after uploading an attachment with a crafted filename. network low complexity mantisbt CWE-79 critical	9.6
2019-06-20	CVE-2018-16514	Cross-site Scripting vulnerability in Mantisbt A cross-site scripting (XSS) vulnerability in the View Filters page (view_filters_page.php) and Edit Filter page (manage_filter_edit_page.php) in MantisBT 2.1.0 through 2.17.0 allows remote attackers to inject arbitrary code (if CSP settings permit it) through a crafted PATH_INFO. network high complexity mantisbt CWE-79	4.7
2019-06-06	CVE-2018-9839	Improper Input Validation vulnerability in Mantisbt An issue was discovered in MantisBT through 1.3.14, and 2.0.0. network low complexity mantisbt CWE-20	6.5
2018-10-30	CVE-2018-17783	Cross-site Scripting vulnerability in Mantisbt A cross-site scripting (XSS) vulnerability in the Edit Filter page (manage_filter_edit page.php) in MantisBT 2.1.0 through 2.17.1 allows remote attackers (if access rights permit it) to inject arbitrary code (if CSP settings permit it) through a crafted project name. network low complexity mantisbt CWE-79	5.4
2018-10-30	CVE-2018-17782	Cross-site Scripting vulnerability in Mantisbt A cross-site scripting (XSS) vulnerability in the Manage Filters page (manage_filter_page.php) in MantisBT 2.1.0 through 2.17.1 allows remote attackers (if access rights permit it) to inject arbitrary code (if CSP settings permit it) through a crafted project name. network low complexity mantisbt CWE-79	5.4
2018-09-02	CVE-2018-16362	Cross-site Scripting vulnerability in Mantisbt Source Integration An issue was discovered in the Source Integration plugin before 1.5.9 and 2.x before 2.1.5 for MantisBT. network low complexity mantisbt CWE-79	6.1
2018-08-03	CVE-2018-14504	Cross-site Scripting vulnerability in Mantisbt An issue was discovered in manage_filter_edit_page.php in MantisBT 2.x through 2.15.0. network low complexity mantisbt CWE-79	6.1

Vulnerabilities > Mantisbt {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Mantisbt"}]}

Vulnerabilities > Mantisbt