CVE-2017-12061

CVE-2017-12061 affects MantisBT installations via admin/install.php, with XSS caused by unsanitized user-controlled variables in the installer (notably $f_database, $f_db_username, $f_admin_username). Vulnerable versions are MantisBT < 1.3.12 and