CVE-2005-2557

Published: Sep 28, 2005Modified: Apr 16, 2026

4.3

Vector

AV:N/AC:M/Au:N/C:N/I:P/A:N

Exploitability: 8.6 / Impact: 2.9

Source: NVD

Description

Cross-site scripting (XSS) vulnerability in view_all_set.php in Mantis 0.19.0a1 through 1.0.0a3 allows remote attackers to inject arbitrary web script or HTML via the dir parameter, as identified by bug#0005959, and a different vulnerability than CVE-2005-3090.

Affected (23)

Products: Mantis: Mantis · Debian: Debian Linux · Gentoo: Linux

1 product

1 product

1 product

Configuration A

9 vulnerable

Vulnerable Software	Affected Versions
Mantis Mantis	Version 0.19.0
Mantis Mantis	Version 0.19.0_rc1
Mantis Mantis	Version 0.19.0a1
Mantis Mantis	Version 0.19.0a2
Mantis Mantis	Version 0.19.1
Mantis Mantis	Version 0.19.2
Mantis Mantis	Version 1.0.0a1
Mantis Mantis	Version 1.0.0a2
Mantis Mantis	Version 1.0.0a3

Configuration B

14 vulnerable

Vulnerable Software	Affected Versions
Debian Debian Linux	Version 3.1
Debian Debian Linux	Version 3.1
Debian Debian Linux	Version 3.1
Debian Debian Linux	Version 3.1
Debian Debian Linux	Version 3.1
Debian Debian Linux	Version 3.1
Debian Debian Linux	Version 3.1
Debian Debian Linux	Version 3.1
Debian Debian Linux	Version 3.1
Debian Debian Linux	Version 3.1
Debian Debian Linux	Version 3.1
Debian Debian Linux	Version 3.1
Debian Debian Linux	Version 3.1
Gentoo Linux	All versions