Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in core/summaryapi.php in MantisBT 1.2.12 allow remote authenticated users with manager or administrator permissions to inject arbitrary web script or HTML via a 1 category name in the summaryprintbycategory function or 2 project name in the...