CVE-2005-4522

Name of the Vulnerable Software and Affected Versions Mantis versions 1.0.0rc3 and earlier

Description The issue concerns multiple cross-site scripting (XSS) vulnerabilities. These vulnerabilities allow remote attackers to inject arbitrary web script or HTML via the view type and target field parameters in the view filters page.php filters script.

Recommendations For Mantis versions 1.0.0rc3 and earlier, avoid using the view type and target field parameters in the affected script until a fix is available. As a temporary workaround, consider restricting access to the view filters page.php script to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.