NVD

Id
36555  
Name
CVE-2013-0197  
Description
Cross-site scripting (XSS) vulnerability in the filter_draw_selection_area2 function in core/filter_api.php in MantisBT 1.2.12 before 1.2.13 allows remote attackers to inject arbitrary web script or HTML via the match_type parameter to bugs/search.php.  
Reject
 
CVSS Version
2  
CVSS Score
4.3  
Severity
Medium  
CVSS Base Score
4.3  
CVSS Impact Subscore
2.9  
CVSS Exploit Subscore
8.6  
CVSS Vector
(AV:N/AC:M/Au:N/C:N/I:P/A:N)  
Pub Date
2017-01-18  
Published
2014-05-15  
Modified Date
2014-05-16  
Seq
2013-0197  

Actions

Related NVD References

Id NVD Id NVD No. Reference Actions
186733 36555 CVE-2013-0197 http://hauntit.blogspot.de/2013/01/en-mantis-bug-tracker-1212-persistent.html  View
186734 36555 CVE-2013-0197 [oss-security] 20130118 CVE request: MantisBT before 1.2.13 match_type XSS vulnerability  View
186735 36555 CVE-2013-0197 [oss-security] 20130118 Re: CVE request: MantisBT before 1.2.13 match_type XSS vulnerability  View
186736 36555 CVE-2013-0197 [oss-security] 20130121 Re: CVE request: MantisBT before 1.2.13 match_type XSS vulnerability  View
186737 36555 CVE-2013-0197 http://www.mantisbt.org/bugs/view.php?id=15373  View

Related JVN

Id Name Title Summary Cveinfo Name Cveinfo Id Nvdinfo Name Nvdinfo Id Cvssv2 Cvssv3 Jvnurl Published Date Last Updated Date Actions
24887 JVNDB-2013-006462 MantisBT の core/filter_api.php 内の filter_draw_selection_area2 関数におけるクロスサイトスクリプティングの脆弱性 MantisBT の core/filter_api.php 内の filter_draw_selection_area2 関数には、クロスサイトスクリプティングの脆弱性が存在します。 CVE-2013-0197 60139 CVE-2013-0197 36555 4.3 http://jvndb.jvn.jp/ja/contents/2013/JVNDB-2013-006462.html 2013-01-18 2014-05-19 View