CVE-2018-16362

Name of the Vulnerable Software and Affected Versions MantisBT Source Integration plugin versions prior to 1.5.9 MantisBT Source Integration plugin versions 2.x prior to 2.1.5

Description A cross-site scripting (XSS) issue in the Manage Repository and Changesets List pages allows execution of arbitrary code, if Content Security Policy (CSP) settings permit it, via repo manage page.php or list.php.

Recommendations For MantisBT Source Integration plugin versions prior to 1.5.9, update to version 1.5.9 or later. For MantisBT Source Integration plugin versions 2.x prior to 2.1.5, update to version 2.1.5 or later.