CVE-2013-1932

NameCVE-2013-1932
DescriptionA cross-site scripting (XSS) vulnerability in the configuration report page (adm_config_report.php) in MantisBT 1.2.13 allows remote authenticated users to inject arbitrary web script or HTML via a project name.
SourceCVE (at NVD; CERT, LWN, oss-sec, fulldisc, bugtraq, EDB, Metasploit, Red Hat, Ubuntu, Gentoo, SUSE bugzilla/CVE, Mageia, GitHub code/issues, web search, more)
NVD severitylow

The information below is based on the following data on fixed versions.

PackageTypeReleaseFixed VersionUrgencyOriginDebian Bugs
mantissource(unstable)(not affected)

Notes

- mantis <not-affected> (affects Mantis 1.2.13 only)
http://www.openwall.com/lists/oss-security/2013/04/04/8

Search for package or bug name: Reporting problems