Cross-site Scripting (XSS)

Overview mantisbt/mantisbt is a mantis bug tracker. Affected versions of this package are vulnerable to Cross-site Scripting XSS via the font family preference update process. An attacker can execute arbitrary HTML or JavaScript in the context of another user's session by injecting malicious...