CVE-2013-0197

Publication date

2014-05-15 14:00:00

Family

redhat

State

PUBLISHED

Description

Cross-site scripting (XSS) vulnerability in the filter_draw_selection_area2 function in core/filter_api.php in MantisBT 1.2.12 before 1.2.13 allows remote attackers to inject arbitrary web script or HTML via the match_type parameter to bugs/search.php.