← Voltar para CVEs
CVE-2010-3303
N/ADescricao
Multiple cross-site scripting (XSS) vulnerabilities in MantisBT before 1.2.3 allow remote authenticated administrators to inject arbitrary web script or HTML via (1) a plugin name, related to manage_plugin_uninstall.php; (2) an enumeration value or (3) a String value of a custom field, related to core/cfdefs/cfdef_standard.php; or a (4) project or (5) category name to print_all_bug_page_word.php.
Detalhes CVE
Pontuacao CVSS v3.1N/A
Publicado10/5/2010
Ultima modificacao4/29/2026
Fontenvd
Avistamentos honeypot0
Produtos afetados
mantisbt:mantisbt
Fraquezas (CWE)
CWE-79
Referencias
http://lists.fedoraproject.org/pipermail/package-announce/2010-September/048548.html(secalert@redhat.com)
http://lists.fedoraproject.org/pipermail/package-announce/2010-September/048639.html(secalert@redhat.com)
http://lists.fedoraproject.org/pipermail/package-announce/2010-September/048659.html(secalert@redhat.com)
http://secunia.com/advisories/41653(secalert@redhat.com)
http://secunia.com/advisories/51199(secalert@redhat.com)
http://security.gentoo.org/glsa/glsa-201211-01.xml(secalert@redhat.com)
http://www.mantisbt.org/bugs/changelog_page.php?version_id=111(secalert@redhat.com)
http://www.mantisbt.org/bugs/view.php?id=12231(secalert@redhat.com)
http://www.mantisbt.org/bugs/view.php?id=12232(secalert@redhat.com)
http://www.mantisbt.org/bugs/view.php?id=12234(secalert@redhat.com)
http://www.mantisbt.org/bugs/view.php?id=12238(secalert@redhat.com)
http://www.openwall.com/lists/oss-security/2010/09/14/12(secalert@redhat.com)
http://www.openwall.com/lists/oss-security/2010/09/14/13(secalert@redhat.com)
http://www.openwall.com/lists/oss-security/2010/09/14/19(secalert@redhat.com)
http://www.openwall.com/lists/oss-security/2010/09/16/16(secalert@redhat.com)
http://www.securityfocus.com/bid/43604(secalert@redhat.com)
http://www.vupen.com/english/advisories/2010/2535(secalert@redhat.com)
http://lists.fedoraproject.org/pipermail/package-announce/2010-September/048548.html(af854a3a-2127-422b-91ae-364da2661108)
http://lists.fedoraproject.org/pipermail/package-announce/2010-September/048639.html(af854a3a-2127-422b-91ae-364da2661108)
http://lists.fedoraproject.org/pipermail/package-announce/2010-September/048659.html(af854a3a-2127-422b-91ae-364da2661108)
http://secunia.com/advisories/41653(af854a3a-2127-422b-91ae-364da2661108)
http://secunia.com/advisories/51199(af854a3a-2127-422b-91ae-364da2661108)
http://security.gentoo.org/glsa/glsa-201211-01.xml(af854a3a-2127-422b-91ae-364da2661108)
http://www.mantisbt.org/bugs/changelog_page.php?version_id=111(af854a3a-2127-422b-91ae-364da2661108)
http://www.mantisbt.org/bugs/view.php?id=12231(af854a3a-2127-422b-91ae-364da2661108)
http://www.mantisbt.org/bugs/view.php?id=12232(af854a3a-2127-422b-91ae-364da2661108)
http://www.mantisbt.org/bugs/view.php?id=12234(af854a3a-2127-422b-91ae-364da2661108)
http://www.mantisbt.org/bugs/view.php?id=12238(af854a3a-2127-422b-91ae-364da2661108)
http://www.openwall.com/lists/oss-security/2010/09/14/12(af854a3a-2127-422b-91ae-364da2661108)
http://www.openwall.com/lists/oss-security/2010/09/14/13(af854a3a-2127-422b-91ae-364da2661108)
http://www.openwall.com/lists/oss-security/2010/09/14/19(af854a3a-2127-422b-91ae-364da2661108)
http://www.openwall.com/lists/oss-security/2010/09/16/16(af854a3a-2127-422b-91ae-364da2661108)
http://www.securityfocus.com/bid/43604(af854a3a-2127-422b-91ae-364da2661108)
http://www.vupen.com/english/advisories/2010/2535(af854a3a-2127-422b-91ae-364da2661108)
Correlacoes IOC
Sem correlacoes registradas
This product uses data from the NVD API but is not endorsed or certified by the NVD.