MantisBT manage_user_page.php file cross-site scripting vulnerability

MantisBT is a Web-based open source defect tracking system of the MantisBT team . The system provides project management and defect tracking services in the form of Web operations. A cross-site scripting vulnerability exists in the manageuserpage.php file in version 2.x of MantisBT prior to 2.5.2...

CVE-2017-12062

An XSS issue was discovered in manageuserpage.php in MantisBT 2.x before 2.5.2. The 'filter' field is not sanitized before being rendered in the Manage User page, allowing remote attackers to execute arbitrary JavaScript code if CSP is disabled...

CVE-2006-0841

Multiple cross-site scripting XSS vulnerabilities in Mantis 1.00rc4 and earlier allow remote attackers to inject arbitrary web script or HTML via the 1 hidestatus, 2 handlerid, 3 usermonitor, 4 reporterid, 5 viewtype, 6 showseverity, 7 showcategory, 8 showstatus, 9 showresolution, 10 showbuild, 1...