CVE-2017-6958
- Source
- https://nvd.nist.gov/vuln/detail/CVE-2017-6958
- Import Source
- https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2017-6958.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/CVE-2017-6958
- Published
- 2017-03-17T09:59:00Z
- Modified
- 2025-04-20T04:01:22.191444Z
- Severity
-
- 6.1 (Medium) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N CVSS Calculator
- Summary
- [none]
- Details
-
An XSS vulnerability in the MantisBT Source Integration Plugin (before 2.0.2) search result page allows an attacker to inject arbitrary HTML or JavaScript (if MantisBT's CSP settings permit it) by crafting any valid parameter.
- References
Affected packages
Git / github.com/mantisbt-plugins/source-integration
Affected ranges
- Type
- GIT
- Repo
- https://github.com/mantisbt-plugins/source-integration
- Events
-
Introduced0 Unknown introduced commit / All previous commits are affectedLast affected
Affected versions
Source-0.*
Source-0.10
Source-0.11
Source-0.12
Source-0.12a
Source-0.9
Source-0.9a
Source-0.9b
Source-0.9c
release-0.*
release-0.13.0
release-0.13.1
release-0.13.2
v0.*
v0.14
v0.15
v0.16
v0.16.1
v0.16.2
v0.16.3
v0.16.4
v0.17
v0.18
v0.19
v1.*
v1.3.0
v1.3.1
v1.3.2
v1.4.0
v1.4.1
v1.5.0
v1.5.1
v2.*
v2.0.0
v2.0.0-beta.1
v2.0.0-beta.2
v2.0.1