Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Date: Tue, 3 Aug 2010 01:15:23 +0200
From: Hanno Böck <>
Subject: CVE request: Attachment XSS in mantis < 1.2.2

Issue #11952 covers a security fix to the display of inline attachments, where 
“Arbitrary inline attachment rendering could lead to cross-domain scripting or 
other browser attacks”.

Hanno Böck		Blog:
GPG: 3DBD3B20		Jabber/Mail: - professional webhosting

[ CONTENT OF TYPE application/pgp-signature SKIPPED ]

Powered by blists - more mailing lists

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Powered by Openwall GNU/*/Linux - Powered by OpenVZ