|
|
Family: CGI abuses : XSS --> Category: infos
Mantis multiple unspecified XSS Vulnerability Scan
Vulnerability Scan Summary
Checks for the version of Mantis
Detailed Explanation for this Vulnerability Test
Synopsis :
The remote web server contains a PHP application that is prone
to cross-site scripting attacks.
Description :
According to its banner, the remote version of Mantis contains a flaw
in the handling of some types of input. Because of this, a possible hacker
may be able to cause arbitrary HTML and script code to be executed in
a user's browser within the security context of the affected web site.
See also :
http://sourceforge.net/project/shownotes.php?release_id=202559
Solution :
Upgrade to Mantis 0.18.1 or newer.
Threat Level:
Low / CVSS Base Score : 2
(AV:R/AC:L/Au:NR/C:P/A:N/I:N/B:N)
Click HERE for more information and discussions on this network vulnerability scan.
|
