Back to search
CVE-2014-9281
Published: Dec 9, 2014
Modified: Aug 6, 2024
PUBLISHED
Description
Cross-site scripting (XSS) vulnerability in admin/copy_field.php in MantisBT before 1.2.18 allows remote attackers to inject arbitrary web script or HTML via the dest_id field.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
https://www.mantisbt.org/bugs/view.php?id=17876
x_refsource_CONFIRM
[oss-security] 20141205 Re: CVE Request: Multiple XSS vulnerabilities in MantisBT
mailing-list
x_refsource_MLIST
https://github.com/mantisbt/mantisbt/commit/e5fc835a
x_refsource_CONFIRM
71371
vdb-entry
x_refsource_BID
62101
third-party-advisory
x_refsource_SECUNIA
[oss-security] 20141201 CVE Request: Multiple XSS vulnerabilities in MantisBT
mailing-list
x_refsource_MLIST
[oss-security] 20141205 Re: CVE Request: Multiple XSS vulnerabilities in MantisBT
mailing-list
x_refsource_MLIST
DSA-3120
vendor-advisory
x_refsource_DEBIAN
mantisbt-copyfield-xss(99038)
vdb-entry
x_refsource_XF
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now