Cross-site scripting (XSS) vulnerability in Mantis bugtracker allows remote attackers to inject arbitrary web script or HTML via (1) the return parameter to login_page.php, (2) e-mail field in signup.php, (3) action parameter to login_select_proj_page.php, or (4) hide_status parameter to view_all_set.php.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Mantis | Mantis | 0.9 (including) | 0.9 (including) |
Mantis | Mantis | 0.9.1 (including) | 0.9.1 (including) |
Mantis | Mantis | 0.10 (including) | 0.10 (including) |
Mantis | Mantis | 0.10.1 (including) | 0.10.1 (including) |
Mantis | Mantis | 0.10.2 (including) | 0.10.2 (including) |
Mantis | Mantis | 0.11 (including) | 0.11 (including) |
Mantis | Mantis | 0.11.1 (including) | 0.11.1 (including) |
Mantis | Mantis | 0.12 (including) | 0.12 (including) |
Mantis | Mantis | 0.13 (including) | 0.13 (including) |
Mantis | Mantis | 0.13.1 (including) | 0.13.1 (including) |
Mantis | Mantis | 0.14 (including) | 0.14 (including) |
Mantis | Mantis | 0.14.1 (including) | 0.14.1 (including) |
Mantis | Mantis | 0.14.2 (including) | 0.14.2 (including) |
Mantis | Mantis | 0.14.3 (including) | 0.14.3 (including) |
Mantis | Mantis | 0.14.4 (including) | 0.14.4 (including) |
Mantis | Mantis | 0.14.5 (including) | 0.14.5 (including) |
Mantis | Mantis | 0.14.6 (including) | 0.14.6 (including) |
Mantis | Mantis | 0.14.7 (including) | 0.14.7 (including) |
Mantis | Mantis | 0.14.8 (including) | 0.14.8 (including) |
Mantis | Mantis | 0.15 (including) | 0.15 (including) |
Mantis | Mantis | 0.15.1 (including) | 0.15.1 (including) |
Mantis | Mantis | 0.15.2 (including) | 0.15.2 (including) |
Mantis | Mantis | 0.15.3 (including) | 0.15.3 (including) |
Mantis | Mantis | 0.15.4 (including) | 0.15.4 (including) |
Mantis | Mantis | 0.15.5 (including) | 0.15.5 (including) |
Mantis | Mantis | 0.15.6 (including) | 0.15.6 (including) |
Mantis | Mantis | 0.15.7 (including) | 0.15.7 (including) |
Mantis | Mantis | 0.15.8 (including) | 0.15.8 (including) |
Mantis | Mantis | 0.15.9 (including) | 0.15.9 (including) |
Mantis | Mantis | 0.15.10 (including) | 0.15.10 (including) |
Mantis | Mantis | 0.15.11 (including) | 0.15.11 (including) |
Mantis | Mantis | 0.15.12 (including) | 0.15.12 (including) |
Mantis | Mantis | 0.16 (including) | 0.16 (including) |
Mantis | Mantis | 0.16.0 (including) | 0.16.0 (including) |
Mantis | Mantis | 0.16.1 (including) | 0.16.1 (including) |
Mantis | Mantis | 0.17 (including) | 0.17 (including) |
Mantis | Mantis | 0.17.0 (including) | 0.17.0 (including) |
Mantis | Mantis | 0.17.1 (including) | 0.17.1 (including) |
Mantis | Mantis | 0.17.2 (including) | 0.17.2 (including) |
Mantis | Mantis | 0.17.3 (including) | 0.17.3 (including) |
Mantis | Mantis | 0.17.4 (including) | 0.17.4 (including) |
Mantis | Mantis | 0.17.4a (including) | 0.17.4a (including) |
Mantis | Mantis | 0.17.5 (including) | 0.17.5 (including) |
Mantis | Mantis | 0.18 (including) | 0.18 (including) |
Mantis | Mantis | 0.18.0_rc1 (including) | 0.18.0_rc1 (including) |
Mantis | Mantis | 0.18.0a2 (including) | 0.18.0a2 (including) |
Mantis | Mantis | 0.18.0a3 (including) | 0.18.0a3 (including) |
Mantis | Mantis | 0.18.0a4 (including) | 0.18.0a4 (including) |
Mantis | Mantis | 0.18a1 (including) | 0.18a1 (including) |
Mantis | Mantis | 0.19.0a (including) | 0.19.0a (including) |