CVE-2014-9280

2014-12-08T11:59:13
ID CVE-2014-9280
Type cve
Reporter NVD
Modified 2017-09-07T21:29:33

Description

The current_user_get_bug_filter function in core/current_user_api.php in MantisBT before 1.2.18 allows remote attackers to execute arbitrary PHP code via the filter parameter.