Multiple cross-site scripting (XSS) vulnerabilities in the view_filters_page.php filters script in Mantis 1.0.0rc3 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) view_type and (2) target_field parameters.
Software | From | Fixed in |
---|---|---|
mantis / mantis | 1.0.0_rc1 | 1.0.0_rc1.x |
mantis / mantis | 1.0.0_rc2 | 1.0.0_rc2.x |
mantis / mantis | 1.0.0_rc3 | 1.0.0_rc3.x |
mantis / mantis | 1.0.0a1 | 1.0.0a1.x |
mantis / mantis | 1.0.0a2 | 1.0.0a2.x |
mantis / mantis | 1.0.0a3 | 1.0.0a3.x |