Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
An XSS issue was discovered in manage_custom_field_edit_page.php in MantisBT before 2.25.2. Unescaped output of the return parameter allows an attacker to inject code into a hidden input field.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
MantisBT 跨站脚本漏洞
Vulnerability Description
MantisBT是MantisBT(Mantisbt)团队的一套基于Web的开源缺陷跟踪系统。该系统以Web操作的形式提供项目管理及缺陷跟踪服务。 MantisBT 2.25.2 之前版本存在跨站脚本漏洞,该漏洞源于manage_custom_field_edit_page.php返回参数的未转义输出。攻击者可利用该漏洞将代码注入隐藏的输入字段中。
CVSS Information
N/A
Vulnerability Type
N/A