Mantis 2.11.1 Cross Site Scripting
- Date Published:2019-01-10
- Last Updated:2019-01-11
- Version Affected: Mantis 2.11.1
- CVE: CVE-2018-13055 | 106442
MantisBT is a web-based open source defect tracking system developed by the MantisBT team. The system provides project management and defect tracking service in the form of Web operation.
Mantis 2.11.1 has cross-site scripting vulnerabilities. Attackers can exploit this vulnerability to achieve cross-site attacks.
At present, the vendor has released the patches to repair loopholes, patch for a link: https://www.mantisbt.org/