CVE-2022-28508

Published: May 4, 2022

Modified: Aug 3, 2024

PUBLISHED

Description

An XSS issue was discovered in browser_search_plugin.php in MantisBT before 2.25.2. Unescaped output of the return parameter allows an attacker to inject code into a hidden input field.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

https://mantisbt.org/

x_refsource_MISC

https://sourceforge.net/projects/mantisbt/

x_refsource_MISC

https://github.com/YavuzSahbaz/CVE-2022-28508/blob/main/MantisBT%202.25.2%20XSS%20vulnurability

x_refsource_MISC

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2022-28508

Description

Affected Products

References