FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

mantis -- XSS vulnerability

Affected packages
		mantis	<	1.2.19

Details

VuXML ID	2b63e964-eb04-11e6-9ac1-a4badb2f4699
Discovery	2016-08-15
Entry	2017-02-04

wdollman reports:

The value of the view_type parameter on the view_all_bug_page.php page is not encoded before being displayed on the page.

[source]

References

CVE Name	CVE-2016-6837
FreeBSD PR	ports/216662
URL	https://mantisbt.org/bugs/view.php?id=21611

Copyright © 2003-2005 Jacques Vidrine and contributors.
Please see the source of this document for full copyright information.