CVE-2008-3331
published 2008-07-27CVE-2008-3331: Cross-site scripting (XSS) vulnerability in return_dynamic_filters.php in Mantis before 1.1.2 allows remote attackers to inject arbitrary web script or HTML…
PriorityP418low3.5CVSS 2.0
AVNACMAuSCNIPAN
EXPLOIT
EPSS
3.80%
88.7th percentile
Cross-site scripting (XSS) vulnerability in return_dynamic_filters.php in Mantis before 1.1.2 allows remote attackers to inject arbitrary web script or HTML via the filter_target parameter.
Affected
95 ranges· showing 25
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| mantis | mantis | <= 1.1.1 | — |
| mantis | mantis | — | — |
| mantis | mantis | — | — |
| mantis | mantis | — | — |
| mantis | mantis | — | — |
| mantis | mantis | — | — |
| mantis | mantis | — | — |
| mantis | mantis | — | — |
| mantis | mantis | — | — |
| mantis | mantis | — | — |
| mantis | mantis | — | — |
| mantis | mantis | — | — |
| mantis | mantis | — | — |
| mantis | mantis | — | — |
| mantis | mantis | — | — |
| mantis | mantis | — | — |
| mantis | mantis | — | — |
| mantis | mantis | — | — |
| mantis | mantis | — | — |
| mantis | mantis | — | — |
| mantis | mantis | — | — |
| mantis | mantis | — | — |
| mantis | mantis | — | — |
| mantis | mantis | — | — |
| mantis | mantis | — | — |
CVSS provenance
nvdv2.03.5LOWAV:N/AC:M/Au:S/C:N/I:P/A:N
vendor_redhat3.5LOW
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
Red Hat
mantis: XSS in return_dynamic_filters.php
vendor_redhat·2008-05-20·CVSS 3.5
CVE-2008-3331 [LOW] CWE-79 mantis: XSS in return_dynamic_filters.php
mantis: XSS in return_dynamic_filters.php
Cross-site scripting (XSS) vulnerability in return_dynamic_filters.php in Mantis before 1.1.2 allows remote attackers to inject arbitrary web script or HTML via the filter_target parameter.
GHSA
GHSA-r7qg-49m3-m675: Cross-site scripting (XSS) vulnerability in return_dynamic_filters
ghsa_unreviewed·2022-05-01
CVE-2008-3331 [LOW] CWE-79 GHSA-r7qg-49m3-m675: Cross-site scripting (XSS) vulnerability in return_dynamic_filters
Cross-site scripting (XSS) vulnerability in return_dynamic_filters.php in Mantis before 1.1.2 allows remote attackers to inject arbitrary web script or HTML via the filter_target parameter.
No detection rules found.
http://marc.info/?l=bugtraq&m=121130774617956&w=4http://secunia.com/advisories/30270http://secunia.com/advisories/31972http://securityreason.com/securityalert/4044http://www.gentoo.org/security/en/glsa/glsa-200809-10.xmlhttp://www.mantisbt.org/bugs/changelog_page.phphttp://www.securityfocus.com/bid/29297http://www.vupen.com/english/advisories/2008/1598/referenceshttps://exchange.xforce.ibmcloud.com/vulnerabilities/42549https://www.exploit-db.com/exploits/5657http://marc.info/?l=bugtraq&m=121130774617956&w=4http://secunia.com/advisories/30270http://secunia.com/advisories/31972http://securityreason.com/securityalert/4044http://www.gentoo.org/security/en/glsa/glsa-200809-10.xmlhttp://www.mantisbt.org/bugs/changelog_page.phphttp://www.securityfocus.com/bid/29297http://www.vupen.com/english/advisories/2008/1598/referenceshttps://exchange.xforce.ibmcloud.com/vulnerabilities/42549https://www.exploit-db.com/exploits/5657
2008-07-27
Published