CVE-2018-17782
- Source
- https://nvd.nist.gov/vuln/detail/CVE-2018-17782
- Import Source
- https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2018-17782.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/CVE-2018-17782
- Published
- 2018-10-30T18:29:00Z
- Modified
- 2025-01-08T05:03:17.141092Z
- Severity
-
- 5.4 (Medium) CVSS_V3 - CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N CVSS Calculator
- Summary
- [none]
- Details
-
A cross-site scripting (XSS) vulnerability in the Manage Filters page (managefilterpage.php) in MantisBT 2.1.0 through 2.17.1 allows remote attackers (if access rights permit it) to inject arbitrary code (if CSP settings permit it) through a crafted project name.
- References
Affected packages
Git / github.com/mantisbt/mantisbt
Affected versions
release-1.*
release-1.3.6
release-2.*
release-2.1.0
release-2.1.1
release-2.10.0
release-2.11.0
release-2.12.0
release-2.13.0
release-2.13.1
release-2.14.0
release-2.15.0
release-2.16.0
release-2.17.0
release-2.17.1
release-2.2.0
release-2.2.1
release-2.2.2
release-2.3.0
release-2.3.1
release-2.3.2
release-2.4.0
release-2.4.1
release-2.5.0
release-2.5.1
release-2.6.0
release-2.7.0
release-2.8.0
release-2.9.0