CVE-2009-2802
Affected product: MantisBT 1.2.x prior to 1.2.2. Vulnerability arises from insecure handling of attachments and MIME types, allowing arbitrary inline attachment rendering that could enable cross-domain scripting or other browser attacks. Root cause: improper attachment/MIME processing in the lega...