Mantis.Bug.Tracker.Filter.API.View.Type.XSS
Description
This indicates an attack attempt to exploit a Cross-Site Scripting Vulnerability in the Filter API component of Mantis Bug Tracker.
The vulnerability is due to an input validation error while parsing a crafted HTTP request. A remote attacker could exploit this to execute arbitrary script code within the context of the target user's browser, by enticing authenticated users to click on a crafted link.
Affected Products
Mantis Bug Tracker 1.3.0 and prior
Impact
System Compromise: Remote attackers can execute arbitrary script code within the context of the target user's browser
Recommended Actions
Apply the latest patch from the vendor.
https://mantisbt.org/bugs/view.php?id=21611
Telemetry
Coverage
IPS (Regular DB) | |
IPS (Extended DB) |