mantis -- multiple vulnerabilities

2020-09-13T00:00:00
ID 19259833-26B1-11EB-A239-1C697A013F4B
Type freebsd
Reporter FreeBSD
Modified 2020-11-15T00:00:00

Description

Mantis 2.24.3 release reports:

This release fixes 3 security issues:

0027039: CVE-2020-25781: Access to private bug note attachments 0027275: CVE-2020-25288: HTML Injection on bug_update_page.php 0027304: CVE-2020-25830: HTML Injection in bug_actiongroup_page.php