An XSS vulnerability in the MantisBT Source Integration Plugin (prior to 2.0.2) search result page allows an malicious user to inject arbitrary HTML or JavaScript (if MantisBT's CSP settings permit it) by crafting any valid parameter.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
mantisbt source integration |