1
Candidate: CVE-2010-3303
4
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3303
5
http://www.mantisbt.org/bugs/changelog_page.php?version_id=111
6
http://www.openwall.com/lists/oss-security/2010/09/14/12
8
Multiple cross-site scripting (XSS) vulnerabilities in MantisBT before
9
1.2.3 allow remote authenticated administrators to inject arbitrary web
10
script or HTML via (1) a plugin name, related to
11
manage_plugin_uninstall.php; (2) an enumeration value or (3) a String value
12
of a custom field, related to core/cfdefs/cfdef_standard.php; or a (4)
13
project or (5) category name to print_all_bug_page_word.php.
17
http://www.mantisbt.org/bugs/view.php?id=12238
18
http://www.mantisbt.org/bugs/view.php?id=12234
19
http://www.mantisbt.org/bugs/view.php?id=12232
20
http://www.mantisbt.org/bugs/view.php?id=12231
26
upstream_mantis: released (1.2.3)
27
dapper_mantis: ignored (reached end-of-life)
28
hardy_mantis: ignored (reached end-of-life)
29
jaunty_mantis: ignored (reached end-of-life)
30
karmic_mantis: ignored (reached end-of-life)
31
lucid_mantis: ignored (reached end-of-life)
32
maverick_mantis: ignored (reached end-of-life)
33
natty_mantis: ignored (reached end-of-life)
34
oneiric_mantis: not-affected (1.2.8-1)
35
precise_mantis: not-affected (1.2.8-1)
36
quantal_mantis: not-affected (1.2.8-1)
37
raring_mantis: not-affected (1.2.8-1)
38
saucy_mantis: not-affected (1.2.8-1)