FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

XSS issue in MantisBT

Affected packages
1.2.0 <= mantis < 1.2.7

Details

VuXML ID a83f25df-d775-11e0-8bf1-003067b2972c
Discovery 2011-08-18
Entry 2011-09-05

Net.Edit0r from BlACK Hat Group reported an XSS issue in search.php. All MantisBT users (including anonymous users that are not logged in to public bug trackers) could be impacted by this vulnerability.

References

CVE Name CVE-2011-2938
FreeBSD PR ports/160368