An XSS issue exists in browser_search_plugin.php in MantisBT prior to 2.25.2. Unescaped output of the return parameter allows a malicious user to inject code into a hidden input field.
Vulnerable Product |
---|
mantisbt mantisbt |