CVE-2016-6837

2017-01-10T15:59:00
ID CVE-2016-6837
Type cve
Reporter cve@mitre.org
Modified 2017-01-11T02:17:00

Description

Cross-site scripting (XSS) vulnerability in MantisBT Filter API in MantisBT versions before 1.2.19, and versions 2.0.0-beta1, 1.3.0-beta1 allows remote attackers to inject arbitrary web script or HTML via the 'view_type' parameter.