View Issue Details
ID | Project | Category | View Status | Date Submitted | Last Update |
---|---|---|---|---|---|
0012369 | mantisbt | security | public | 2010-09-18 17:32 | 2015-03-15 20:18 |
Reporter | giallu | Assigned To | giallu | ||
Priority | normal | Severity | minor | Reproducibility | always |
Status | closed | Resolution | fixed | ||
Product Version | 1.1.8 | ||||
Fixed in Version | 1.1.x | ||||
Summary | 0012369: CVE-2010-2574: XSS vulnerability when deleting maliciously named categories | ||||
Description | As reported by Secunia, SA40832, there is an XSS vulnerability when deleting categories that have been maliciously named. Chance of attack is extremely low due to requiring project manager access. This is CVE-2010-2574 | ||||
Additional Information | Official Secunia announcement: http://secunia.com/advisories/40832/ | ||||
Tags | No tags attached. | ||||
related to | 0012230 | closed | CVE-2010-2574: XSS vulnerability when deleting maliciously named categories |