MantisBT.Prior.to.1.2.14.Cross-site.Scripting.Vulnerabilities

description-logoDescription

MantisBT is a popular free web-based bug tracking system.
This application is prone to the following cross-site scripting vulnerabilities:
CVE-2013-1932, CVE-2013-1934,CVE-2013-0197, CVE-2013-1810, CVE-2013-1811

affected-products-logoAffected Products

MantisBT version 1.2.x prior to 1.2.14

Impact logoImpact

The vulnerabilities would allow remote attackers to inject arbitrary web script or HTML.

recomended-action-logoRecommended Actions

Please upgrade to version 1.2.14 or later from the vendor's website: http://www.mantisbt.org .

Telemetry logoTelemetry

Coverage

IPS (Regular DB)
IPS (Extended DB)