CVE-2017-12062
- Source
- https://cve.org/CVERecord?id=CVE-2017-12062
- Import Source
- https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2017-12062.json
- JSON Data
- https://api.osv.dev/v1/vulns/CVE-2017-12062
- Aliases
- Published
- 2017-08-01T15:29:00.593Z
- Modified
- 2026-04-10T03:56:38.688440Z
- Severity
-
- 6.1 (Medium) CVSS_V3 - CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N CVSS Calculator
- Summary
- [none]
- Details
-
An XSS issue was discovered in manageuserpage.php in MantisBT 2.x before 2.5.2. The 'filter' field is not sanitized before being rendered in the Manage User page, allowing remote attackers to execute arbitrary JavaScript code if CSP is disabled.
- References
Affected packages
Git / github.com/mantisbt/mantisbt
Affected ranges
- Type
- GIT
- Repo
- https://github.com/mantisbt/mantisbt
- Events
-
Introduced0 Unknown introduced commit / All previous commits are affectedLast affectedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affectedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affectedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affectedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affectedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affectedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affectedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affectedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affectedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affectedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affectedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affectedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affectedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affectedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affectedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affectedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affectedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affectedFixed
- Database specific
{ "versions": [ { "introduced": "0" }, { "last_affected": "2.1.0" }, { "introduced": "0" }, { "last_affected": "2.1.1" }, { "introduced": "0" }, { "last_affected": "2.1.2" }, { "introduced": "0" }, { "last_affected": "2.1.3" }, { "introduced": "0" }, { "last_affected": "2.2.0" }, { "introduced": "0" }, { "last_affected": "2.2.1" }, { "introduced": "0" }, { "last_affected": "2.2.2" }, { "introduced": "0" }, { "last_affected": "2.2.3" }, { "introduced": "0" }, { "last_affected": "2.2.4" }, { "introduced": "0" }, { "last_affected": "2.3.0" }, { "introduced": "0" }, { "last_affected": "2.3.1" }, { "introduced": "0" }, { "last_affected": "2.3.2" }, { "introduced": "0" }, { "last_affected": "2.3.3" }, { "introduced": "0" }, { "last_affected": "2.4.0" }, { "introduced": "0" }, { "last_affected": "2.4.1" }, { "introduced": "0" }, { "last_affected": "2.4.2" }, { "introduced": "0" }, { "last_affected": "2.5.0" }, { "introduced": "0" }, { "last_affected": "2.5.1" } ] }
Affected versions
release-1.*
release-1.2.0a1
release-1.2.0a2
release-1.2.0a3
release-1.2.0rc1
release-1.3.0-beta.1
release-1.3.0-beta.2
release-1.3.0-beta.3
release-1.3.0-rc.1
release-1.3.0-rc.2
release-2.*
release-2.0.0
release-2.0.0-beta.1
release-2.0.0-beta.2
release-2.0.0-beta.3
release-2.0.0-rc.1
release-2.0.0-rc.2
release-2.1.0
release-2.1.1
release-2.1.2
release-2.1.3
release-2.2.0
release-2.2.1
release-2.2.2
release-2.2.3
release-2.2.4
release-2.3.0
release-2.3.1
release-2.3.2
release-2.3.3
release-2.4.0
release-2.4.1
release-2.4.2
release-2.5.0
release-2.5.1