{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-26T03:52:03.686","vulnerabilities":[{"cve":{"id":"CVE-2011-3578","sourceIdentifier":"cve@mitre.org","published":"2011-09-21T16:55:05.240","lastModified":"2025-04-11T00:51:21.963","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"Cross-site scripting (XSS) vulnerability in bug_actiongroup_ext_page.php in MantisBT before 1.2.8 allows remote attackers to inject arbitrary web script or HTML via the action parameter, related to bug_actiongroup_page.php, a different vulnerability than CVE-2011-3357."},{"lang":"es","value":"Vulnerabilidad de ejecución de secuencias de comandos en sitios cruzados (XSS) en bug_actiongroup_ext_page.php en MantisBT antes de 1.2.8, permite a atacantes remotos inyectar secuencias de comandos web o HTML a través del parámetro action, relacionado con bug_actiongroup_page.php, una vulnerabilidad diferente de CVE-2011-3357"}],"metrics":{"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:M/Au:N/C:N/I:P/A:N","baseScore":4.3,"accessVector":"NETWORK","accessComplexity":"MEDIUM","authentication":"NONE","confidentialityImpact":"NONE","integrityImpact":"PARTIAL","availabilityImpact":"NONE"},"baseSeverity":"MEDIUM","exploitabilityScore":8.6,"impactScore":2.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":true}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-79"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:mantisbt:mantisbt:*:*:*:*:*:*:*:*","versionEndIncluding":"1.2.7","matchCriteriaId":"E421063A-47DD-4307-AB38-331301A1DC6C"},{"vulnerable":true,"criteria":"cpe:2.3:a:mantisbt:mantisbt:0.19.3:*:*:*:*:*:*:*","matchCriteriaId":"85A3FBD5-163C-4990-B809-A5C9C81A3C6C"},{"vulnerable":true,"criteria":"cpe:2.3:a:mantisbt:mantisbt:0.19.4:*:*:*:*:*:*:*","matchCriteriaId":"D3FDF456-9648-4A7C-B15A-2828A32D4962"},{"vulnerable":true,"criteria":"cpe:2.3:a:mantisbt:mantisbt:1.0.0:*:*:*:*:*:*:*","matchCriteriaId":"6B2602F7-2D93-4E1E-9425-4EDD23752029"},{"vulnerable":true,"criteria":"cpe:2.3:a:mantisbt:mantisbt:1.0.1:*:*:*:*:*:*:*","matchCriteriaId":"86DE3BE3-D6C9-4905-9E61-B70776460604"},{"vulnerable":true,"criteria":"cpe:2.3:a:mantisbt:mantisbt:1.0.2:*:*:*:*:*:*:*","matchCriteriaId":"F128A2E2-D509-4B50-95C2-1A31C5B3B31F"},{"vulnerable":true,"criteria":"cpe:2.3:a:mantisbt:mantisbt:1.0.3:*:*:*:*:*:*:*","matchCriteriaId":"140D5F68-1CAB-458C-BC8B-4F726D657FE8"},{"vulnerable":true,"criteria":"cpe:2.3:a:mantisbt:mantisbt:1.0.4:*:*:*:*:*:*:*","matchCriteriaId":"0D25F4F5-7678-41C1-93CB-305883A08527"},{"vulnerable":true,"criteria":"cpe:2.3:a:mantisbt:mantisbt:1.0.5:*:*:*:*:*:*:*","matchCriteriaId":"D1A1316D-314B-4740-A836-D5E6319F4B28"},{"vulnerable":true,"criteria":"cpe:2.3:a:mantisbt:mantisbt:1.0.6:*:*:*:*:*:*:*","matchCriteriaId":"DBD27CCE-28C4-43CC-8CBD-D7FFB46171AC"},{"vulnerable":true,"criteria":"cpe:2.3:a:mantisbt:mantisbt:1.0.7:*:*:*:*:*:*:*","matchCriteriaId":"97298C43-B881-4C11-ADB6-17A8E43EB84E"},{"vulnerable":true,"criteria":"cpe:2.3:a:mantisbt:mantisbt:1.0.8:*:*:*:*:*:*:*","matchCriteriaId":"7257ADD7-C9B7-4F85-AA13-615DD033FD5C"},{"vulnerable":true,"criteria":"cpe:2.3:a:mantisbt:mantisbt:1.1.0:*:*:*:*:*:*:*","matchCriteriaId":"02FE950B-5E29-4FAA-9BE5-79F38B4C38F7"},{"vulnerable":true,"criteria":"cpe:2.3:a:mantisbt:mantisbt:1.1.1:*:*:*:*:*:*:*","matchCriteriaId":"D6F2BA78-D054-4E49-ABCA-637922898BF7"},{"vulnerable":true,"criteria":"cpe:2.3:a:mantisbt:mantisbt:1.1.2:*:*:*:*:*:*:*","matchCriteriaId":"4595B1E3-25AB-489E-A847-FDBF2554DD6D"},{"vulnerable":true,"criteria":"cpe:2.3:a:mantisbt:mantisbt:1.1.4:*:*:*:*:*:*:*","matchCriteriaId":"C11A8F17-5253-475B-89FF-A26EA7531E13"},{"vulnerable":true,"criteria":"cpe:2.3:a:mantisbt:mantisbt:1.1.5:*:*:*:*:*:*:*","matchCriteriaId":"4A88B09D-CDCF-45FD-B004-13B597DA4F48"},{"vulnerable":true,"criteria":"cpe:2.3:a:mantisbt:mantisbt:1.1.6:*:*:*:*:*:*:*","matchCriteriaId":"49583BE8-B832-4E9F-B154-47A26C72489D"},{"vulnerable":true,"criteria":"cpe:2.3:a:mantisbt:mantisbt:1.1.7:*:*:*:*:*:*:*","matchCriteriaId":"E2501F40-3630-4528-BE0A-61D4BB6EC7FE"},{"vulnerable":true,"criteria":"cpe:2.3:a:mantisbt:mantisbt:1.1.8:*:*:*:*:*:*:*","matchCriteriaId":"9223DAF7-D03E-4A4E-8AB5-5CEB87DFF2C3"},{"vulnerable":true,"criteria":"cpe:2.3:a:mantisbt:mantisbt:1.2.0:*:*:*:*:*:*:*","matchCriteriaId":"CFF77ABF-0A03-437A-B241-1EF2BBB83D24"},{"vulnerable":true,"criteria":"cpe:2.3:a:mantisbt:mantisbt:1.2.1:*:*:*:*:*:*:*","matchCriteriaId":"5F096CD6-534E-4ABF-B2DF-D4B55B8C5F6A"},{"vulnerable":true,"criteria":"cpe:2.3:a:mantisbt:mantisbt:1.2.2:*:*:*:*:*:*:*","matchCriteriaId":"A66AB537-6FBA-4A51-B10C-BF61F54BC01B"},{"vulnerable":true,"criteria":"cpe:2.3:a:mantisbt:mantisbt:1.2.3:*:*:*:*:*:*:*","matchCriteriaId":"A50835BF-D28B-47FF-81F0-C34D95D6F2E9"},{"vulnerable":true,"criteria":"cpe:2.3:a:mantisbt:mantisbt:1.2.4:*:*:*:*:*:*:*","matchCriteriaId":"BA0EB9A6-1DFD-4C17-A002-0899DA252A56"},{"vulnerable":true,"criteria":"cpe:2.3:a:mantisbt:mantisbt:1.2.5:*:*:*:*:*:*:*","matchCriteriaId":"BBA33285-3EE7-43FD-8347-E7D9A18DC134"},{"vulnerable":true,"criteria":"cpe:2.3:a:mantisbt:mantisbt:1.2.6:*:*:*:*:*:*:*","matchCriteriaId":"8827C2B4-EBEC-4D64-9AC8-07A048467F40"}]}]}],"references":[{"url":"http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=640297","source":"cve@mitre.org","tags":["Exploit","Patch"]},{"url":"http://lists.debian.org/debian-security-tracker/2011/09/msg00012.html","source":"cve@mitre.org","tags":["Exploit","Patch"]},{"url":"http://lists.fedoraproject.org/pipermail/package-announce/2011-September/066061.html","source":"cve@mitre.org","tags":["Exploit","Patch"]},{"url":"http://secunia.com/advisories/45961","source":"cve@mitre.org","tags":["Vendor Advisory"]},{"url":"http://secunia.com/advisories/51199","source":"cve@mitre.org"},{"url":"http://security.gentoo.org/glsa/glsa-201211-01.xml","source":"cve@mitre.org"},{"url":"http://securityreason.com/securityalert/8392","source":"cve@mitre.org"},{"url":"http://www.debian.org/security/2011/dsa-2308","source":"cve@mitre.org"},{"url":"http://www.mantisbt.org/bugs/view.php?id=13281","source":"cve@mitre.org","tags":["Exploit"]},{"url":"http://www.openwall.com/lists/oss-security/2011/09/04/1","source":"cve@mitre.org","tags":["Exploit"]},{"url":"http://www.openwall.com/lists/oss-security/2011/09/04/2","source":"cve@mitre.org","tags":["Patch"]},{"url":"http://www.openwall.com/lists/oss-security/2011/09/09/9","source":"cve@mitre.org","tags":["Exploit"]},{"url":"http://www.securityfocus.com/archive/1/519547/100/0/threaded","source":"cve@mitre.org"},{"url":"http://www.securityfocus.com/bid/49448","source":"cve@mitre.org"},{"url":"https://bugzilla.redhat.com/show_bug.cgi?id=735514","source":"cve@mitre.org","tags":["Exploit","Patch"]},{"url":"https://github.com/mantisbt/mantisbt/commit/5b93161f3ece2f73410c296fed8522f6475d273d","source":"cve@mitre.org","tags":["Patch"]},{"url":"https://github.com/mantisbt/mantisbt/commit/6ede60d3db9e202044f135001589cce941ff6f0f","source":"cve@mitre.org","tags":["Patch"]},{"url":"https://www.htbridge.ch/advisory/multiple_vulnerabilities_in_mantisbt.html","source":"cve@mitre.org","tags":["Exploit"]},{"url":"http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=640297","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Patch"]},{"url":"http://lists.debian.org/debian-security-tracker/2011/09/msg00012.html","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Patch"]},{"url":"http://lists.fedoraproject.org/pipermail/package-announce/2011-September/066061.html","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Patch"]},{"url":"http://secunia.com/advisories/45961","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"]},{"url":"http://secunia.com/advisories/51199","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"http://security.gentoo.org/glsa/glsa-201211-01.xml","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"http://securityreason.com/securityalert/8392","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"http://www.debian.org/security/2011/dsa-2308","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"http://www.mantisbt.org/bugs/view.php?id=13281","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit"]},{"url":"http://www.openwall.com/lists/oss-security/2011/09/04/1","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit"]},{"url":"http://www.openwall.com/lists/oss-security/2011/09/04/2","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Patch"]},{"url":"http://www.openwall.com/lists/oss-security/2011/09/09/9","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit"]},{"url":"http://www.securityfocus.com/archive/1/519547/100/0/threaded","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"http://www.securityfocus.com/bid/49448","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"https://bugzilla.redhat.com/show_bug.cgi?id=735514","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Patch"]},{"url":"https://github.com/mantisbt/mantisbt/commit/5b93161f3ece2f73410c296fed8522f6475d273d","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Patch"]},{"url":"https://github.com/mantisbt/mantisbt/commit/6ede60d3db9e202044f135001589cce941ff6f0f","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Patch"]},{"url":"https://www.htbridge.ch/advisory/multiple_vulnerabilities_in_mantisbt.html","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit"]}]}}]}