Skip to main content
CVE-2014-9506 LOW Monitor

MantisBT before 1.2.18 does not properly check permissions when sending an email that indicates when a monitored issue is related to another issue, which allows remote authenticated users to obtain. Rated low severity (CVSS 3.5), this vulnerability is remotely exploitable. No vendor patch available.

Information Disclosure Mantisbt
NVD
CVSS 2.0
3.5
EPSS
0.2%
CVE-2014-9507 LOW PATCH Monitor

MediaWiki 1.21.x, 1.22.x before 1.22.14, and 1.23.x before 1.23.7, when $wgContentHandlerUseDB is enabled, allows remote attackers to conduct cross-site scripting (XSS) attacks by setting the content. Rated low severity (CVSS 2.6), this vulnerability is remotely exploitable.

XSS Mediawiki
NVD
CVSS 2.0
2.6
EPSS
0.2%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy