CVE-2013-4460

Published: Jan 10, 2014

Modified: Aug 6, 2024

PUBLISHED

Description

Cross-site scripting (XSS) vulnerability in account_sponsor_page.php in MantisBT 1.0.0 through 1.2.15 allows remote authenticated users to inject arbitrary web script or HTML via a project name.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

http://www.mantisbt.org/bugs/view.php?id=16513

x_refsource_CONFIRM

98823

vdb-entry

x_refsource_OSVDB

https://github.com/mantisbt/mantisbt/commit/0002d106a6cd35cb0a6fe03246531a4e3f32c9d0#diff-4122320b011a3291cd45da074a867076

x_refsource_CONFIRM

[oss-security] 20131022 Re: CVE Request: MantisBT before 1.2.16 XSS vulnerability

mailing-list

x_refsource_MLIST

55305

third-party-advisory

x_refsource_SECUNIA

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2013-4460

Description

Affected Products

References