FreeBSD : XSS issue in MantisBT (a83f25df-d775-11e0-8bf1-003067b2972c)

Medium Nessus Plugin ID 56080


The remote FreeBSD host is missing a security-related update.


Net.Edit0r from BlACK Hat Group reported an XSS issue in search.php.
All MantisBT users (including anonymous users that are not logged in to public bug trackers) could be impacted by this vulnerability.


Update the affected package.

See Also

Plugin Details

Severity: Medium

ID: 56080

File Name: freebsd_pkg_a83f25dfd77511e08bf1003067b2972c.nasl

Version: $Revision: 1.6 $

Type: local

Published: 2011/09/06

Modified: 2014/09/18

Dependencies: 12634

Risk Information

Risk Factor: Medium


Base Score: 4.3

Vector: CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:N

Vulnerability Information

CPE: p-cpe:/a:freebsd:freebsd:mantis, cpe:/o:freebsd:freebsd

Required KB Items: Host/local_checks_enabled, Host/FreeBSD/release, Host/FreeBSD/pkg_info

Patch Publication Date: 2011/09/05

Vulnerability Publication Date: 2011/08/18

Reference Information

CVE: CVE-2011-2938