MantisBT Multiple Local File Include and Cross Site Scripting Vulnerabilities

This host is running MantisBT and is prone to multiple local file include and cross-site scripting vulnerabilities. OpenVAS Vulnerability Test $Id: secpodmantismultlfinxssvuln.nasl 7044 2017-09-01 11:50:59Z teissa $ MantisBT Multiple Local File Include and Cross Site Scripting Vulnerabilities...

CVE-2011-3356

Multiple cross-site scripting XSS vulnerabilities in configdefaultsinc.php in MantisBT before 1.2.8 allow remote attackers to inject arbitrary web script or HTML via the PATHINFO, as demonstrated by the PATHINFO to 1 manageconfigemailpage.php, 2 manageconfigworkflowpage.php, or 3 bugs/plugin.php...