
Martin Herfurt

#17929 of 53,633
15 Total CVSS
Vulnerabilities · 2
High
2
PT-2014-4253
7.5
2014-03-18
Mantisbt · Mantisbt · CVE-2014-1608
**Name of the Vulnerable Software and Affected Versions**
MantisBT versions prior to 1.2.16

**Description**
The issue allows remote attackers to execute arbitrary SQL commands via a crafted envelope tag in a `mc_issue_attachment_get` SOAP request. This is due to a SQL injection vulnerability in the `mci_file_get` function in `api/soap/mc_file_api.php`.

**Recommendations**
For versions prior to 1.2.16, update to version 1.2.16 or later to resolve the issue. As a temporary workaround, consider restricting access to the `mci_file_get` function in `api/soap/mc_file_api.php` to minimize the risk of exploitation. Avoid using crafted envelope tags in `mc_issue_attachment_get` SOAP requests until the issue is resolved.
PT-2013-2047
7.5
2013-12-07
Apache · Apache Solr · CVE-2012-6612
**Name of the Vulnerable Software and Affected Versions**
Apache Solr versions prior to 4.1

**Description**
The issue affects the UpdateRequestHandler for XSLT or XPathEntityProcessor, allowing remote attackers to have an impact via XML data containing an external entity declaration in conjunction with an entity reference, related to an XML External Entity (XXE) issue.

**Recommendations**
For Apache Solr versions prior to 4.1, update to version 4.1 or later to resolve the issue.