1
Candidate: CVE-2011-2938
4
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2938
5
http://www.openwall.com/lists/oss-security/2011/08/19/16
7
Multiple cross-site scripting (XSS) vulnerabilities in filter_api.php in
8
MantisBT before 1.2.7 allow remote attackers to inject arbitrary web script
9
or HTML via a parameter, as demonstrated by the project_id parameter to
13
jdstrand> per Debian, 1.1.8 not affected
15
https://bugs.launchpad.net/ubuntu/+source/mantis/+bug/828857
16
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=638321
22
patch: https://github.com/mantisbt/mantisbt/commit/317f3db3a3c68775de3acf3b15f55b1e3c18f93b
23
upstream_mantis: released (1.2.6-1, 1.2.7)
24
hardy_mantis: ignored (reached end-of-life)
25
lucid_mantis: not-affected
26
maverick_mantis: not-affected
27
natty_mantis: not-affected
28
devel_mantis: released (1.2.6-1)