Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Cross-site scripting (XSS) vulnerability in bug_actiongroup_page.php in Mantis 0.19.0a1 through 1.0.0a3 allows remote attackers to inject arbitrary web script or HTML via the summary of the bug, which is not quoted when view_all_bug_page.php is used to delete the bug, as identified by bug#0006002, a different vulnerability than CVE-2005-2557.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Mantis bug_actiongroup_page.php跨站脚本攻击(XSS)漏洞
Vulnerability Description
Mantis是用PHP脚本语言编写的基于web的漏洞跟踪系统。 Mantis 0.19.0a1 至 1.0.0a3版本中的bug_actiongroup_page.php脚本存在跨站脚本攻击(XSS)漏洞,远程攻击者可通过bug摘要注入任意脚本或HTML,这点在用view_all_bug_page.php脚本删除bug时没有指出,由#0006002bug识别。
CVSS Information
N/A
Vulnerability Type
N/A