MantisBT XSS in manage_custom_field_update.php
An issue was discovered in MantisBT through 2.24.3. In the helperensureconfirmed call in managecustomfieldupdate.php, the custom field name is not sanitized. This may be problematic depending on CSP settings...