Launchpad CVE tracker

CVE 2007-6611

Cross-site scripting (XSS) vulnerability in view.php in Mantis before 1.1.0 allows remote attackers to inject arbitrary web script or HTML via a filename, related to bug_report.php.

Related bugs and status

CVE-2007-6611 (Candidate) is related to these bugs:

Bug #185021: [mantis] [CVE-2006-6574] [CVE-2007-6611] remote vulnerabilities

		In	Importance	Status
185021	[mantis] [CVE-2006-6574] [CVE-2007-6611] remote vulnerabilities	mantis (Ubuntu)	Undecided	Fix Released
185021	[mantis] [CVE-2006-6574] [CVE-2007-6611] remote vulnerabilities	mantis (Debian)	Unknown	Fix Released
185021	[mantis] [CVE-2006-6574] [CVE-2007-6611] remote vulnerabilities	mantis (Ubuntu Dapper)	Undecided	Won't Fix
185021	[mantis] [CVE-2006-6574] [CVE-2007-6611] remote vulnerabilities	mantis (Ubuntu Edgy)	Undecided	Won't Fix
185021	[mantis] [CVE-2006-6574] [CVE-2007-6611] remote vulnerabilities	mantis (Ubuntu Feisty)	Undecided	Won't Fix
185021	[mantis] [CVE-2006-6574] [CVE-2007-6611] remote vulnerabilities	mantis (Ubuntu Gutsy)	Undecided	Won't Fix

See the

CVE page on Mitre.org for more details.

References

CONFIRM: http://sourceforge.net...
CONFIRM: http://www.mantisbt.or...
BID: 27045
SECUNIA: 28185
CONFIRM: https://bugzilla.redha...
FEDORA: FEDORA-2008-0282
FEDORA: FEDORA-2008-0353
SECUNIA: 28352
DEBIAN: DSA-1467
SECUNIA: 28551
GENTOO: GLSA-200803-04
SECUNIA: 29198
OSVDB: 39873

Launchpad.net

CVE 2007-6611

Related bugs and status

Related bugs

References