MantisBT · MantisBT · CVE-2013-0197
**Name of the Vulnerable Software and Affected Versions**
MantisBT version 1.2.12
**Description**
A cross-site scripting (XSS) vulnerability exists in the `filter_draw_selection_area2` function. It allows remote attackers to inject arbitrary web script or HTML via the `match_type` parameter to the "bugs/search.php" endpoint.
**Recommendations**
For MantisBT version 1.2.12, update to version 1.2.13 to resolve the issue.
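Until the update is in place, web server access logs can be reviewed for requests to the endpoint above whose match-type parameter (written here as `match_type`) carries HTML markup characters. The following is an added example, not MantisBT code: the log lines are constructed, and the Common Log Format layout, the `/bugs/search.php` path suffix and all function names are assumptions of this sketch.

```python
import re
from urllib.parse import urlsplit, parse_qsl, unquote_plus

# Constructed sample lines in Common Log Format (not real traffic).
SAMPLE_LOG = [
    '198.51.100.7 - - [10/Jan/2013:10:00:01 +0000] "GET /bugs/search.php?project_id=1&match_type=0 HTTP/1.1" 200 5120',
    '198.51.100.9 - - [10/Jan/2013:10:02:13 +0000] "GET /bugs/search.php?match_type=%22%3E%3Cb%3Ex HTTP/1.1" 200 5310',
    '198.51.100.9 - - [10/Jan/2013:10:02:40 +0000] "GET /bugs/search.php?match_type=%2522%253E%253Cb%253Ex HTTP/1.1" 200 5310',
    '198.51.100.4 - - [10/Jan/2013:10:05:00 +0000] "GET /bugs/view.php?id=3&match_type=%3Cb%3E HTTP/1.1" 200 900',
]

REQUEST_RE = re.compile(r'"(?:GET|POST|HEAD) (\S+) HTTP/[\d.]+"')
MARKUP_CHARS = set('<>"\'')  # characters that can break out of an HTML attribute or tag


def fully_decode(value, max_rounds=3):
    """Percent-decode repeatedly so double-encoded values are not missed."""
    for _ in range(max_rounds):
        decoded = unquote_plus(value)
        if decoded == value:
            break
        value = decoded
    return value


def suspicious_match_type(line):
    """Return the decoded match_type value if it contains markup, else None."""
    m = REQUEST_RE.search(line)
    if not m:
        return None
    url = urlsplit(m.group(1))
    if not url.path.endswith("/bugs/search.php"):  # assumed deployment path
        return None
    for name, value in parse_qsl(url.query, keep_blank_values=True):
        if name == "match_type":
            decoded = fully_decode(value)
            if MARKUP_CHARS & set(decoded):
                return decoded
    return None


def scan(lines):
    """Return (line_number, decoded_value) for every flagged request."""
    return [(i, v) for i, line in enumerate(lines, 1)
            if (v := suspicious_match_type(line)) is not None]


if __name__ == "__main__":
    for lineno, value in scan(SAMPLE_LOG):
        print(f"line {lineno}: match_type contains markup: {value!r}")
```

Only GET query strings appear in access logs, so values submitted in a POST body need to be checked from application or WAF logs instead.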